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_ The only difference 
is the money you save. 


ith 17 years of knowledgeable experience ¥ : 53 am monitors, memory and interfaces, as well as 
and reliable service, Monterey BayCommu- > — a variety of printers. 
nications is a leader in Hewlett-Packard workstation All equipment is warranteed and eligible for 
remarketing. We're professionals at pro- Hewlett-Packard maintenance. An 
viding HP 1000 and 9000 users with extensive parts and spares inventory 


reliable equipment that is functionally aig and knowledgeable staff ensure 
and cosmetically identical to what HP Support / Tech Expertise prompt service and immediate 
offers — and at substantial cost savings. inital 3 delivery. 

- Maintenance Eligibility aa ; 
In addition to the 700 / 400 / 300 / 200 Substantial Cost Savings For more detailed information or 
series, Monterey Bay Communications Simple Order Processing a price quotation, give MBC a call at 
also offers mass storage systems, ac ee 408/429-6144. 
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ON TERE Y CBA Y The HP Workstation Remarketing Specialists 


Monterey Bay Communications Inc., 1010 Fair Avenue, Santa Cruz, CA 95060 Tel: 408-429-6144 Fax: 408-429-1918 


We'd like to thank Hewlett-Packard. 


See us in 
booth 1725 
at HP World 
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“Crystal” Award for significant achievement 
in HP OpenView Systems and 
Network Management. 


We deeply appreciate the honor and we value 
our excellent relationship with Hewlett-Packard. 


Come to our booth at HP World to see the award, 
and discover why we earned it! 


pmcriech 


Systems & Network Management 
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1-800-INOTECH www.inotech.com 
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Partner 


CONTINUUM ENTERPRISE SERVER 


Stratus and Continuum are registered trademarks of 
Stratus Computer, Inc. HP-UX is a trademark of the 
Hewlett-Packard Company. 


PPLICATIONS & 


TOLERANCE? 


HOW MUCH WORK WILL THAT BE? 


NONE! 


No additional hardware. No software. No training. No 


consulting fees. Now your critical applications can be 


fault tolerant simply by running them on our platform! 
The Continuum® Enterprise Server is completely 
binary-compatible with your HP-UX applications. No 
recompiling or extra code needed. Guaranteed! 


w.stratus.com 
ago. 1(800) 486-9194 
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ONE account, ONE Ee 
Is it REALLY possible? 


With SnareWorks from IntelliSoft it is. 
By utilizing both secret key and public 
key encryption technology, combined with 
SnareWork’s transparent operation, you can 
implement single sign-on across the enterprise. 
All of your intranet applications, the off-the-shelf 


ones and the ones that you developed in-house, 


Visit our Web site at \ 


to learn more > about SnareWorks ant 
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- Distributed Momputing Solutions 


For Information Call 508-635-9070 
IntelliSoft Corporation 5 Broadview Road, Acton, MA 01720 
Fax: 508-635-9210 URL: http://www.isoft.com E-mail: info@isoft.com 


©1997 IntelliSoft Corporation. All rights reserved. SnareWorks and the IntelliSoft logo are trademarks of 
IntelliSoft Corp. Snare may be a trademark or registered trademark of its respective company. 
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you're secure 
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Portions of SnareWorks are licensed from Snare Networks Corp. S$ 


can now be accessible through a single, secure 
identification and authentication mechanism. 
And to make matters even more secure, you can 
configure any user to identify themselves 
through a password, a hardware token, a 
public key certificate, or even a smartcard. 


FEATURES 


m Single Sign-On 

= Scalable Authorization Framework 

= Centralized Graphical Rule-based Configuration 
= Transparent Operation 

= No Programming Required 

= No Application/Library Replacements 


m= Extensible to any Application Using 
Protocol Support Modules™ (PSM) 


= Transparent Tunneling for Virtual Private Networks 
= Dynamic User Registration for Extranets 

= Downloadable Client 

= ZERO Management on the Desktop 
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The Quest for Ubiquitous DCE 

DCE and the Web—a match made in heaven? The DCE/Web 
Advanced Technology Offering from the Open Group promises to 
bring to the Web a scaleable security model with built-in authori- 
zation. And the Web highlights a broader market that DCE can 
tackle: the corporate intranet. This article offers an overview of 
DCE and a glimpse of IntelliSoft’s DCE/Snave. 

Jonathan Chinitz 


30 
Mathematica 3.0 


Using your workstation for engineering, science, statistics, 
data analysis, mathematics, or technical education? Here is an 
introductory look at the latest version of Mathematica from : 
Wolfram Research. If you have been thinking about investigating 
this vast and flexible program, this article should give you a good 
idea of what you can do with Mathematica 3.0. 

Michael Ehrhardt 


50 


CGI Programming: Getting the Most 
from Web-Based Forms 

JavaBeans and ActiveX get plenty of hype these days, but you 
can get a lot out of “simple” CGI scripts. This article—for the Perl 
and CGI savvy —fills in a glaring gap in CGI coverage available 
in programming books: treating Web forms as single CGI scripts. ; 
Once you grasp this idea, you'll be able to create much more complex lf 


forms without the accompanying design problems. 
Chris Cobb 
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Tough to scale 


Protect your investment in tape 
backup equipment with the 
LibraryXpress system. Begin with 
a base module containing one or 
two DLT4000 or DLT7000 drives 
and 10 cartridges. This will pro- 
vide you with a storage capacity of 
up to 700 gigabytes and a data rate 
of 72 gigabytes per hour. 
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Easy to scale 


Scale up with any combination 
of stackable modules. Choose 
from a performance module, with 
up to five drives, or a capacity 
module, with 16 cartridges. 
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The exclusive Global Control unit passes cartridges between modules, allowing any cartridge to 


access any drive in the system, for true maximum system performance. Up to nine modules can be 


combined to create the ultimate automated storage system. Network administrators can 


continually fine-tune LibraryXpress expansion by balancing the ratio of tape drives to cartridges. 


Optimal configurations based on individual capacity, performance and budget requirements are 


easily achieved without the need to lock into a vendor-defined growth path of only a few possible 


configurations. 


IEM is a full solution provider: 


Combine LibraryXpress with our excellent software backup choices Alexandria and DallasTools. 


IEM: Providing Solutions for a Lights-out Environment 


In the U.S. and Canada: 
IEM, Inc., P.O. Box 1889 


Phone: (970) 221-3005 
(800) 321-4671 
Fax: (970) 221-1909 


© 1997 Anis Inc. LX1.0497 


Fort Collins, CO 80522 USA 


In the United Kingdom: All others: 

IEM, Inc., Unit 6, Salisbury House, IEM International Sales 
Wheatfield Way, Hinckley Fields, 1629 Blue Spruce Drive 
Hinckley, Leicester LE10 1YG Fort Collins, CO 80524 USA 
Phone: +44 (0)1455 239000 Phone: +[1] 970-221-3005 
Fax: +44 (0)1455 239668 Fax: +[1] 970-221-1909 


email: info@iem.com 


http://www.iem.com 
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New Products 


Web Site Tracking 

Andromedia, Inc. has announced a 
partnership with Hewlett-Packard to 
provide solutions for reporting and 
understanding activity on Web sites. 
ARIA Recorder Reporter, Andromedia’s 
Web site tracking tool, will be optimized 
for HP-UX through a joint marketing 
and technology alliance. ARIA combines 
capture of Web site activity data as it hap- 
pens with ease of installation and main- 
tenance. Automatically generated 
reports are available through an ordi- 
nary Web browser. ARIA sites may cus- 
tomize the information displayed to 
match their needs. 

Contact Andromedia, phone: (415) 
278-0700, http://www.andromedia.com. 


Secure Web Server 

C2Net Software, Inc. has announced 
Stronghold 2.0, a major upgrade to its 
secure Web server based on Apache. 
Stronghold now includes uncompro- 
mised security, Web-based configura- 
tion, and new protocol support. 

Current “export” versions of Netscape 
and Microsoft Web servers use a weak 
40-bit cipher. By comparison, all C2Net 
software can use at least 128-bit keys. 

Stronghold is now fully compliant 
with the new HTTP/1.1 standard. 
HTTP/1.1 contains many new features, 
including improved content and lan- 
guage negotiation, improved persistent 
connections, and better recovery from 
interrupted transfers. 

Stronghold 2.0 also includes a Web- 
based configuration manager, allowing 
administrators to administer sites from 
their chosen Web browser. 

The new release includes support for 
Secure Sockets Layer (SSL) Version 3, 
which provides stronger security and 
more flexibility in choosing ciphers. 


Contact C2Net Software, phone: 
(510) 986-8770, http://www.c2.org. 


Empress RDBMS 

Empress has announced Empress 
RDBMS V6.10. To increase speed, 
reduce memory usage, and optimize the 
transfer of BLOB data across the net- 
work, bulk segmentation facilitates the 
retrieval and update of specified por- 
tions of BLOB data in a record. For 
dynamic Web information and to aug- 
ment the power of an HTML applica- 
tion, the Empress Report Writer can be 
used as a CGI program. A JOBC/ODBC 
Bridge Interface enables Java program- 
mers to access Empress databases 
through the use of standard JDBC calls. 
For the real-time and near-real-time 
developers, Empress engineers have 
developed a microsecond timestamp that 
marks time to one millionth of a second 
and keeps dates to the year 10000. 

Empress RDBMS V6.10 is available 
as a developer’s toolkit, which also 
includes an HTML toolkit, ODBC 
Server and Client, and Dynamic SQL. 
Pricing for the Empress RDBMS V6.10 
developer’s toolkit starts at $1,000 for 
two users on Windows NT, $5,600 for 
typical workstations, and $22,400 for 
midrange servers. The Empress RDBMS 
runs on Windows and all major UNIX 
platforms, including HP-UX. 

Contact Empress, phone: (301) 220- 
1919, http://www.empress.com. 


ODBC Driver for COBOL 

Acucobol, Inc. has announced 
AcuODBC, the Vision ODBC Driver. 
This new interface links COBOL data 
with Microsoft Windows graphics. 

AcuODBC allows reads and updates 
to the vision data and provides flexibil- 
ity for both end users and developers. 


Applications need to be compiled only 
once to instantly plug into any ODBC- 
compliant data source—no restructur- 
ing or reengineering is needed. 
AcuODBC operates in single-tier 
(stand-alone) and multitier (client-server 
or networked) environments; it is avail- 
able in both 16-bit (for Windows 3.x) 
and 32-bit (for Windows NT and 95) ver- 
sions; and it supports SQL commands 
and options by translating the ODBC 
SQL calls into Vision I/O commands. 
Pricing for AcuODBC starts at $300. 
Contact Acucobol, phone: (800) 
COBOL85 or (619) 689-7220, fax: (619) 
566-3071, http://www.acucobol.com. 


Database Backup Software 

IEM, Inc. has announced DallasTools, 
a suite of layered products designed to 
facilitate the complete backup, restore, 
and archiving of a heterogeneous network 
environment using standard communi- 
cation protocols and a wide range of stor- 
age devices. The product is able to back up 
data to any device connected to any UNIX 
server on the network and control it cen- 
trally from a DallasTools Cluster server. 

DallasTools supports a wide range of 
storage devices, including all 8:mm tape 
drives (except 8200), all 44mm DAT 
drives, 3480/90 style tape drives, DLT 
drives, and optical devices. 

Contact IEM, phone: (970) 221- 
3005, fax: (970) 221-1909 (U.S.); 
phone: (+44) 01455 239000, fax: (+44) 
01455 239668 (U.K.). 


Embedded Web Server 

Real Time Integration, Inc. has 
added an embedded Web Server inside 
the NetAcquire distributed data acqui- 
sition system. NetAcquire is an intelli- 
gent data acquisition system that makes 
analog and digital data available over 


YOUR CONCERN FOR YOUR 
DATA INTEGRITY IS OUR BUSINESS 


Proven Storage Solutions For Mission Critical Applications 


WHEN DATA IS CRITICAL TO YOUR FUTURE, 
CHOOSE CONLEY’S HIGH AVAILABILITY SOLUTIONS 


*Easily monitor you sms status 


‘ ‘ Poy ie P14 sf 
access to on-line data *Competent emer failable 24-7 


*Achieve maximum protection against data loss *Guarantee syste dancy to eliminate crashes 


If you lose your job, it won’t be because you lost your data 


Top financial institutions identify CONLEY as their premier choice for high availability RAID solutions 


CONEY 


Conley Corporation 420 Lexington Avenue New York, New York 10170 
Tel: 212.682.0162 Fax: 212.682.0071 email info@conley.com www.conley.com 
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" ‘SMART SOFTWARE > 
FORT UMB TERMINALS 


oe _FineLine 
_ FineLine | 
Aneel, 
a : _ TM 
. . "Manager 
al oe aie based Prater menu generation 
3 _ action game for UNIX. _ software for creating character- 
sed Enables playing multiple based user menus which can 
ail terminals against each execute any command with a 
__ other in real-time. _ single keystroke. 


Pricing starts at only 
$75 for 5 users, 


_ Pricing : starts at coy 
0 for 2 users. 


| oad a frac trial copy from (800) 633-5250 
_ the Weborcallusfora30day (717) 688-95ll 


a evaluation copy complete with 
_ ‘ Web: wuiw.soundideas.com 
oe a be oan Exmall: info@soundideas.com 
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Heroix RoboMon Version 6.2 


NT System 
Administration 

Heroix Corporation has 
announced RoboMon 
Version 6.2 for Windows NT. 
The RoboMon NT software 
automates Windows NT sys- 
tem administration by monitoring and solving many problems associated with 
Microsoft's Windows NT Server, Exchange Server, Internet Information Server, 
SQL Server, and Systems Management Server. 

RoboMon NT’s Rule Wizard provides a fully integrated, graphical environ- 
ment where users can easily customize RoboMon to monitor and solve site-spe- 
cific problems. RoboMon monitors Windows NT based on rules that determine 
what conditions to look for and what notification or corrective actions to take 
when it encounters problems. It places schedules, selections, conditions, and 
actions at the user’s fingertips in an easy-to-use, graphical form. 

An enhanced set of out-of-the-box rules now includes new rules for check- 
ing directories, application failures, and changes to security policy. 

RoboMon’s e-mail notification action now supports Lotus’ CC: Mail and 
SMTP mail as well as Microsoft Exchange. RoboMon rules can now page per- 
sonnel through an integrated paging action. The SNMP Trap action has been 
enhanced to allow severity and status information to be sent to Network Managers 
such as OpenView. 

Contact Heroix, phone: (800) 229-6500, ext. 232, http://www.RoboMon.com. 


an Ethernet network. The NetAcquire 
embedded Web Server option allows for 
configuration and monitoring functions 
of hardware test and measurement 
applications from anywhere on a net- 
work. A Netscape Web client can easily 
administer all NetAcquire nodes on an 
intranet or the Internet. Configuration 
options include TCP/IP network set- 
tings, number and type of data chan- 
nels, sample rates, refresh interval, and 
advanced server-side data processing. 

NetAcquire embedded Web Server 
appears on a network as both a Web 
and an FIP server. Access control is 
also available using configuration pass- 
word protection. 

The NetAcquire Web Server is com- 
patible with most Web browsers, includ- 
ing Netscape 3.0 and Internet Explorer 
3.0. It is included with new NetAcquire 
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hardware, which is priced at $5,495. 
Current users may upgrade for $495. 
Contact Real Time Integration, 
phone: (888) 675-1122 or (425) 462- 
5817, fax: (425) 883-0463, e-mail: 
info@realtimeint.com. 


NFS Client 

WRQ has Reflection NFS Connection 
for Windows NT Version 6.1, which pro- 
vides an integrated Windows NT and 
UNIX solution. It offers simplicity of use 
for non-technical staff and powerful 
functionality for expert UNIX users. 

Windows NT users can now access 
file and print resources on UNIX net- 
works, without knowing a single UNIX 
command. 

Serious UNIX users can take advan- 
tage of features such as “r” commands 
and APIs for both NFS and RPC used 


for development of custom Windows 
applications. 

WRQ’s adaptive NFS optimizations 
automatically adjust to fluctuations in 
the network to maximize responsiveness 
throughout the day, making NI-UNIX 
connections efficient and highly stable. 

Reflection NFS Connection for 
Windows NT is priced at $219. 

Contact WRQ, phone: (800) 872- 
2829 or (206) 217-7100, fax: (206) 217- 
0293, e-mail: info@wrq.com. 


OpenView Programming Book 

Prentice Hall PTR and Hewlett-Packard 
Professional Books have announced the 
publication of Power Programming in HP 
OpenView: Developing CMIS Applications, by 
Raymond Caruso and Mark Kean. This 
book is a guide to leveraging HP Open- 
View’s power in telecommunications net- 
work management. 

HP OpenView is a powerful network 
management platform, but many network 
management applications fail to leverage 
its full power. Written for a wide range of 
telecommunications applications devel- 
opers and project managers, Power Pro- 
gramming in HP OpenView will help readers 
develop robust telecommunications net- 
work management applications that lever- 
age all of OpenView’s capabilities, especially 
its support for CMIP and CMISE. 

Power Programming in HP OpenView, by 
Raymond Caruso and Mark Kean, 
Hewlett-Packard Professional Books, 1997 
(ISBN: 0-13-443011-5), is priced at $45. 

Contact Prentice Hall PTR, phone: 
(201) 236-7139, fax: (201) 236-7131. 


Data Warehouse Retrieval 

Dynamic Information Systems Cor- 
poration (DISC) has announced OMNI- 
DEX for Star Schemas, which provides 
performance improvements for sites 


with large data warehouses that utilize a 
“star-schema” methodology. By installing 
the OMNIDEX multidimensional 
indexes on top of existing the star 
schema, end users can achieve en- 
hanced retrieval performance. 

The company states that OMNIDEX 
for Star Schemas has reduced ad hoc 
queries from eight hours to less than a 
minute against a star-schema “fact” table 
containing 80 million rows. OMNIDEX 
for Star Schemas integrates seamlessly 
between star schemas stored in popu- 
lar RDBMs and popular analysis/report- 
ing tools such as MicroStrategy’s DSS 
Agent, Business Objects, and Cognos 
Impromptu. 

OMNIDEX enhances multiple data 
structures including Oracle, Sybase, 
Informix, Rdb, RMS, C-ISAM, IMAGE/ 
SQL, and flat files, and runs on multiple 
platforms, including HP-UX and MPE. 

OMNIDEX is priced per CPU, from 
$40,000 to $150,000 per server. 

Contact DISC, phone: (303) 444- 
4000, http://www.disc.com/index.html. 


Java Viewer 

Hummingbird Communications Ltd. 
has announced Common Ground Java 
Viewer for DigitalPaper documents. 
Universally readable DigitalPaper elec- 
tronic documents are printed from any 
Windows or Macintosh application and 
maintain their original appearance on 
the Web, in e-mail, fax, or hardcopy. The 
Java Viewer eliminates the need for man- 
ually downloading and installing a 
viewer application. Instead, DigitalPaper 
documents are now readable by anyone 
with a Java-enabled browser without any 
effort at all. 

Contact Hummingbird Communica- 
tions, phone: (415) 917-7300, fax: (415) 
917-7310, http://www.hummingbird.com. 


“SAP 


believes that PATROL® 
currently offers one of the 
leading solutions for in-depth 


OL 


Dr. Arnold Niedermaier, 
Technology Marketing 
SAP AG 


Top industry leaders are relying on 


PATROL for a reason. 


To find out why visit us on the Web 


at: www.bmc.com/patrol 
Or call today: 800 811-6766 


monitoring and 

management of R/3. 

It is important that 

our customers have management tools 
like PATROL that can ensure optimal 
performance and high availability. ¥, 9 


BMC} 


SOFTWARE 


www.bmc.com/patrol 


BMC Software, the BMC Software logos and all other product or service names are registered trademarks or trademarks of BMC Software, Inc. in the USA and in other select 
countries. ® and ™ indicate USA registration or USA trademark. Other logos and product/trade names mentioned are registered trademarks or trademarks of their respective 


companies. ©1997, BMC Software, Inc. All rights reserved. 
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Structured Application 
Development 

Cayenne Software, Inc. has an- 
nounced Version 7 of TeamWork, an 
analysis and design solution for struc- 
tured application development. Over 
3000 new enhancements enable devel- 
opers to build technical, embedded appli- 
cations with greater speed and efficiency. 

New features of TeamWork Version 7 
include: improved editing of graphical 
objects; support for industry-standard 
text editors; WYSIWYG printing for 
increasing the readability and value of 
Mosaic printouts; streamlined and flex- 
ible system administration; integration 
with Inso Corp’s DynaText to facilitate 
Web browser viewing of online docu- 
mentation and help; ADA design-to- 
code consistency checking; custom 
versioning that facilitates management 
of large databases; and automatic 
retrieval of locally locked objects. 

TeamWork is an integrated set of 


tools and services that enable software 
developers to create, store, review, and 
maintain structured specifications and 
data models. The product supports most 
UNIX platforms, including HP-UX. 

Pricing for TeamWork Version 7 starts 
at $9,600. 

Contact Cayenne Software, phone: 
(617) 505-3595, fax: (617) 229-9904, 
http://www.cayennesoft.com. 


Client-Server Management 
Software 

Power Center Software has announced 
its “Test Drive” Program for its Power 
Center suite. The program allows system 
and network managers to “test drive” the 
product on their systems for 30 days and 
entitles them to a significantly lower entry 
price for the entire Power Center suite if 
ordered after the “Test Drive.” Through 
the “Test Drive” Program, four value-added 
products are included when the System 
Problem Monitors are licensed. 
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“Test Drive” offers significant fault and 
availability monitoring, as well as auto- 
mated correction and notification in order 
to provide consistent service availability. 

Power Center provides enterprise- 
wide automation and management of 
multivendor client-server enterprises. 

Contact Power Center, phone: (303) 
220-9789, fax: (303) 220-9776, http:// 


www.powercenter.com. 


New from BASIS 


ODBC Driver 

BASIS International Ltd. has 
announced Release 1.1 of its ODBC 
Driver, which can unlock BB Business 
BASIC data files previously inaccessible 
to Windows users. 

The driver can now read and write 


non-normalized as well as normalized 
data files. (Non-normalized files are ones 
where fields may have subfields, data 
may be aligned on half-byte boundaries, 
and more than one type of record may 
exist in the same file.) 

It has been a severe restriction that until 
now, software developers and data ana- 
lysts could not take advantage of the full 
power of ODBCstandard database access 
and ODBC-compatible applications unless 
data files were first “normalized.” 

The new driver works in mixed plat- 
form client-server environments. 

It is licensed for $150 per copy. 


Business Basic Enhancements 

BASIS International has announced 
that more than 100 improvements, tools, 
and new features have been added to 


BASIS’ Visual PRO/5 Business Basic soft- 
ware for Windows, UNIX, and PRO/5 
Data Server. Four significant advance- 
ments are: Program Wizard, Print 
Preview, ResBuilder, and DDBuilder. 

Program Wizard is an application 
development tool that produces pro- 
grams for file maintenance or report 
generation. Print Preview eases the bur- 
den of developing complex Windows 
code. ResBuilder supports the rapid 
development of Windows resource files 
in BRF format. DDBuilder is an advance- 
ment of the Data Dictionary. 

Prices for a Business Basic develop- 
ment system based on Volcano begin at 
approximately $1,500 for a 10-user license. 

Contact BASIS International, phone: 
(505) 345-5232, fax: (505) 345-5082, e-mail: 
info@basis.com, http://www.basis.com/. 


Object Repository 
Softlab Enabling Technologies has 
announced Enabler, which changes the 
repository from storage device to infor- 
mation management device in the 
Windows 95/NT and UNIX enterprise. 
The Enabler repository’s open archi- 
tecture enables it to act as a hub or 
supergroup, linking different tools and 
disparate applications into a single, com- 
mon information management infra- 
structure. Users can share and re-use 
product and application components 
throughout their organization. 
Enabler allows tools, application, and 
product vendors to provide a solution 
that scales to the enterprise. It will enable 
more effective component reuse and 
management throughout the enterprise. 
Enabler is priced at $3,500 per seat. 
Contact Softlab, phone! (770) 668- 
8811 (U.S.), (+49) 89 99360 (Ger- 
many), e-mail: info@softlabna.com, 
http: //www.softlabna.com. 


New from Bradmark 


Graphical Display Tool 

Bradmark has announced DBGEN- 
ERAL Server Manager for Oracle, a 
graphical display tool that shows the log- 
ical and physical structures of an Oracle 
tablespace and predicts space problems 
with trend analysis. DBGENERAL is a 
comprehensive toolset for monitoring 
and tuning Oracle database servers 
across distributed enterprise networks. 

Features include tablespace man- 
agement, trending analysis, user and 
role management, structural change 
management, database administration, 
and SQL generation. 

The product’s script file generation 
facility allows the user to execute any 
changes in batch or online. It also can 
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extract the DDL from the ORACLE 
catalogue for any object and has an SQL 
editor. Other features are: user, role, 
and authority management; tablespace 
management and table reorganization; 
structural change management; general 
database administration; and SQL script 


wm =hp-ux/usr = july/aug 1997 


generation. 
The Server Manager V2.0 for Oracle 
is available for Windows NT, 95, HP-UX, 
and others. 
A 30-day, free evaluation demonstra- 
tion is available by calling (800) 275-2723. 


Performance Monitor for Sybase 

Bradmark has also announced its 
DBGENERAL Performance Monitor 
for Sybase, which enables management 
of geographically dispersed, complex 
database environments across corpo- 
rate networks. 

Administrators can monitor all 
Sybase SQL Servers within a network 
environment, regardless of server loca- 
tion. Using distributed agents running 
unattended on the server, the Per- 
formance Monitor continually analyzes 
the SQL servers, sending alerts to per- 
formance anomalies. ) _ 

Key features include: monitoring of 
unlimited servers, from any clients; iden- 
tification of problems instantly, using 
powerful drill-down technology; mea- 
surement of any performance metric 
with either predefined events or user- 
defined events; specification of multi- 
ple actions for notification of significant 
server events and the viewing of snap- 
shot, trending, and repository data in a 
custom presentation format. 

The Performance Monitor V2.0 for 
Sybase is available for Windows NT, 95, 
HP-UX, and others. 

For a 30-day free evaluation demon- 
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stration, call (800) 275-2723. 

Contact Bradmark, phone: (800) 
621-2808, fax: (713) 621-1639, 
http://www.bradmark.com. 


Backup and Recovery System 

Workstation Solutions has announced 
Quick Restore V2.2, a backup and 
recovery system for heterogeneous 
Windows NT and UNIX networks. From 
a central management console, Quick 
Restore automates backups to a wide 
variety of storage devices. Restore 
Browser GUI displays a seamlessly 
integrated view of Windows NT and 
UNIX files. 

Quick Restore’s custom device drivers 
maximize performance from tape drives 
“direct-to-block positioning.” During the 
backup process, the physical block 
address of each file on the backup tape 
is recorded. When the file is restored, 
the tape spins at maximum speed to the 
exact file position, resulting in the fastest 
possible restore performance. 

Server software packages are priced at 
$5,400. Client software for UNIX is priced 
at $1,800 per type of client architecture. 

Client software pricing for Windows 
NT is per client, ranging from $2,250 
for five clients to $15,000 for 200 clients. 

Contact Workstation Solutions, phone: 
(603) 880-0800, http://www.worksta.com. 


New from Xi Graphics 


Graphic Software 

Xi Graphics has announced Accele- 
ratedX Server Version 3.1, which makes 
available workstation-class features like 
multiple visuals, overlays, and gamma 
correction for industry-standard PC 
hardware. 

Version 3.1 provides a solution to 
graphics-related problems experienced 


by Linux and Free BSD users, such as 
hardware support, color correction, and 
performance. It is also the foundation 
for Xi Graphics’ new generation of high- 
performance desktop products. 
AcceleratedX Server Version 3.1 
drives popular graphics hardware, sup- 
porting more than 450 different cards. 
Text-based configuration files permit 
easy modifications. When loaded, the 
product seamlessly replaces the installed 
X server and is fully compatible with the 
native X Windows System. The server is 
CDE-ready, enabling successful installa- 
tion and higher performance of the 
Common Desktop Environment. 


Network Desktop Solution 

Xi Graphics has also announced 
CDE Business Desktop, a complete net- 
worked operating system that enables 
systems administrators to integrate 
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Question & Answer 


QQE What is being done in HP-UX for the Year 2000 problem? 


.= Virtually every company will be affected by the year 2000 problem. For the 
most part, the issues are with legacy programs and data files that used only 2-digit 
or single byte values to represent the year, with an assumption that the current 
century is 1900. Unfortunately, these programs and/or the data files cannot 
handle the year 2000 and beyond. Ideally, all these programs will be scrapped 
and rewritten by that time. 

However, some operating system limitations will affect even correctly written pro- 
grams. HP-UX versions prior to 10.20 do not currently handle the year 2000 correctly. 
This includes all versions of 9.xx and earlier. It is important to note that simply set- 
ting the date to Dec 31, 1999 and letting it roll over is a very inadequate test for any 
operating system. There are subtle pieces of code in the file system, utilities that 
may use dates, such as awk and find, opsystem services such as cron and networking, 
that all need careful examination. 

The objective of the 2000 Rollover Program in 10.30 is to ensure HP-UX becomes 
Year 2000 Safe (works beyond the year 2000). The scope of this program is at the 
opsystem core level. It does not imply that all applications that are HP-UX-based 
will be year 2000 safe. Here are some of the reasons why: 

It is clear at this point that during the 2000 Rollover Program, one of the major 
problems is the misinterpretation of the date field by HP-UX code at the core level. 
Thus, it is highly possible the same kind of error lies in the application-level code. 

Applications may have their own defined “date” data field. These date fields, as 
well as all of their dependent applications, would have to be rewritten in order to 
avoid the year 2000 problem. 

There are some library calls in user programs that may be affected by the up- 
dated code in bc, which will require checking. 

So, in order to determine if a particular application is 2000 safe or not, the pro- 
grammer needs to look at the code that is built on top of the opsystem calls. This includes 
date calculations that may overflow or underflow because of inadequate choices for 
numeric precision as well as changes that may have taken place in lbc patches. 

Programmers should obtain the ibcwhite paper from HP’s Web site as the patch 
ID: PHCO_10175. It is intended to aid software developers in determining if their 
software has a dependency upon any of the changes to libe, and to provide guide- 
lines for making the software ready for the year 2000 with respect to ibe. 


How HP-UX Calculates Time 

HP-UX converts dates from applications to seconds, with 1970 as the starting point 
(more specifically, January 1, 1970, 0:00:00). In a 32-bit OS, this means that the time 
counter is “maxed out” in the year 2038, with 2037 as the highest year HP-UX supports. 

Presently, HP-UX 10.20 and earlier will not always calculate dates after 2000 cor- 
rectly. This shortcoming will be corrected in HP-UX 10.30, due out in 1997. However, 
because 10.30 is still based on 32-bits internally, it is still subject to the 2037 time 
maximum. Keep in mind that 2037 is about 40 years away, a time frame where the 
design of future computers and opsystems can only be guessed. 
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Year 2000 Patches 


Year 2000 patches for 10.01 
cron/at PHCO_ 10112 
date PHCO_ 10111 
rlog/co PHCO_ 10110 
libe PHCO 9419 
inet/mailx PHNE 9379 
inet/elm PHNE 9859 
inet/ftp PHNE 9181 
netTL PHNE 9424 
SSHA/mkboot PHCO_ 9012 
SSHA/sar PHCO_ 8819 
PHCO_ 8624 
PHCO 7933 
PHCO_ 8131 
Cold Inst PHCO 9648 
kermit PHCO 9497 
kernel/HIL PHKL_ 10143 
(s700 only, no s800 patch required) 
libe PHCO_ 10175 
(Compatibility White Paper) 


Year 2000 patches for 10.10 

cron/at PHCO_ 10120 
date PHCO_ 10121 
rlog/co PHCO_ 10122 
libe PHCO_ 8981 
inet/mailx PHNE 9379 
inet/elm PHNE 9859 
inet/ftp PHNE 9181 
netTL PHNE 9425 
SSHA/mkboot PHCO_ 9013 
SSHA/sar PHCO_ 8819 
LVM PHCO_ 8625 
audisp PHCO_ 7934 
SAM PHCO_ 8130 
Cold Inst PHCO_ 9648 
kermit PHCO_ 9507 
kernel/HIL PHKL_ 10142 
(s700 only, no s800 patch required) 
libe PHCO_ 10175 
(Compatibility White Paper) 


Year 2000 patches for 10.20 
cron/at PHCO_ 10123 
date PHCO_ 10124 
rlog/co PHCO_ 10125 
libe PHCO_ 8979 
inet/mailx PHNE 9381 
inet/elm PHNE 9860 
inet/ftp PHNE 9785 
netTL PHNE 9081 
SSHA/mkboot PHCO_ 9014 
SSHA/sar PHCO_ 8820 
LVM PHCO 8626 
SAM PHCO 8133 
kermit PHCO_ 9508 
kernel/HIL PHKL_ 9921 
(s700 only, no s800 patch required) 
kftpd PHNE 9786 
libe PHCO_ 10175 
(Compatibility White Paper) 
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Once HP-UX goes to 64-bit, this maximum time constraint 
goes away, because the allowed time range increases by 2°, a 
very large number. It is doubtful that any HP-UX systems will 
exist when that 64-bit value reaches the maximum (several 
billion years from now). 

In summary, the current (unpatched) HP-UX opsystem 
status 1s: 


9.XX 10.01/.10 10.20 10.30 64-BIT+ 


Calculates post-2000 dates correctly no no no yes yes 
Handles dates 2037 and beyond no no no no yes 
Patches to meet Year-2000 compliance no yes yes nla na 


See Table 1 for a list of year 2000 patches. 


QQ? I administer several 10.X systems. I would like to 
delegate some of the system administrator activities, but I 
do not want to grant root access. What can I do? 


= SAM can be configured to provide a subset of its 
functionality to certain users or groups of users. It can also 
be used to build a template file for assigning SAM access 
restrictions on multiple systems. This is done through the 
Restricted SAM Builder. 

You can access the Restricted SAM Builder by invoking SAM 
with the -r option. In the Builder, you may assign subsets of 
SAM functionality on a per user or per group basis. Once con- 
figured, you can use the -f option to verify that the appropriate 
SAM functional areas are available to the specified user. 

A non-root user who has been given Restricted SAM privileges 
simply executes /usr/bin/sam and will see only those areas that 
you configured that user to access. SAM will automatically give 
root privilege for those tasks that require it. 


QE We develop our own software packages. In the past, we 
have allowed all users to install and remove the software. 
We would now like to restrict access to the depots. How can 
this be done? 


= You can use the swacl(1M) command. This command 
allows you to modify the Access Control lists associated with 
software products. There are many levels of SD ACLs. Table 
2 is a list of commands for each level and the associated 
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swacl Command 


swacl -1 global _product_template 
/var/adm/sw/security/_PROD_DFLT_ACL : 


default depot product template 
used to initialize the product acl 
template for a new depot 


swacl -1l global_soc_template 
/var/adm/sw/security/_SOC_DFLT_ACL : acl template for new depot 
swacl -l1 host 
/var/adm/sw/security/_ACL : 
/var/adm/sw/security/_ OWNER : 


host acl info 
owner info for the host object 


swacl -1 depot @ <depot> 
/<depot>/catalog/atiles/_ACL : 
/<depot>/catalog/afiles/_ OWNER : 


depot acl 
owner info for the depot object 


swacl -l1 product_template @ <depot> 

/<depot>/catalog/dfiles/_PROD_DFLT_ACL : template for new products 
created in <depot> 

swacl -1 product <product> @ <depot> 

/<depot>/eatalog/<product>/pfiles/_ ACL : product acl 

/<depot>/catalog/<product>/ptiles/_OWNER : owner info for the product 
object 


storage files. These commands display the existing ACL 
information. Please see the swacl(1M) command for 
information regarding modification. 


QQ= What do the parameters maxssiz, maxtsiz, and maxdsiz 
represent? 


4A&= maxdsiz is the most commonly modified of the three. It 
represents the maximum data storage segment size for an 
executing process. This segment contains fixed data storage 
such as globals, arrays, space allocated using malloc(), and 
such. Whenever the system loads a process or an executing 
process attempts to expand its static storage segment, the 
system checks the size of the process’s data storage segment. If 
the process’s requirements exceed maxdsiz, the system returns 
an error to the calling process. So, increasing maxdsiz does not 
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cause an increase in memory usage; it allows for an increase. 

maxssiz represents the maximum size of the dynamic stor- 
age segment, also called the user-stack segment, or an exe- 
cuting process’ run-time stack. This segment contains stack 
and register storage space. This parameter does not usually 
need to be increased. 

The stack grows dynamically. As it grows, the system checks 
the size of the process’ stack segment. If the stack size require- 
ment exceeds maxssiz, the system terminates the process. 

maxisiz defines the maximum size of the shared text seg- 
ment (program storage space) of an executing process. 
Program executable object code is stored as read-only, and 
thus can be shared by multiple processes. It is very seldom 
that this parameter needs to be increased. 


Qa: After updating to 10.20, sendmail fails to work 
properly. Is there some additional configuration that is 
needed? I am not using DNS. 


.« Check the following on your system: 


1. Make sure that /etc/mail/service.switch has the proper 
entry for these files: 
hosts files 
2. Make sure that /etc/mail/sendmail.cf has the Dj$w macro 
set to the qualified system name. 
3. Make sure that etc/mail/sendmail.cf has the O option for 
the service.switch file uncommented: 


O ServiceSwitchFile=/etc/mail/service.switch 


4. Make sure that the first line of /etc/hosts has the fully 
qualified name of the system. 

5. Add ‘<hostname>.’ as an alias for the local host in 
/etc/hosts, don’t forget the final dot. 

6. Make sure that /etc/mail/sendmail. cw has three lines: 


short host 
fully.qualified 
local host 


7. Kill and restart sendmail: 


# sendmail -bd -q30m 


QE | would like to create a network install server for my 
new Series 700 workstations. What are the steps to do so? 


4%: Follow the these guidelines: 


m The server can be a 700 or 800 system. However, it must 
be running the same level OS as that you are installing. 


m The depot server can be the same system as the install 
server or a different system. It must be running 10.X. 


m There must be one install server per subnet. 


g The HP-UX Install product or the NetInstall bundle must 
be loaded on the server. 


@ The HP-UX Install product requires about 21 MB of free 
space in the server’s /usr/lib directory. 


m Edit the /etc/instl_boottab on the server and add at least one 
IP address that is reserved for booting install clients. The IP 
addresses you add should be for cold installs only and 
should not be used by any other systems. However, if you 
know the LAN Link Address (LLA) of the systems you will 
install, you can use the IP addresses of these systems if you 
use the reserved keyword. 


m If you want to boot multiple systems from the server at 
once, you must add more than one IP address to this file. 
The server may deny boot services if multiple systems try to 
use the same IP address during booting. 


mw There are comments in the /etc/instl_boottab file to help 
you edit this file. Also, see the instl_bootd(1m) man page. 


m If you have problems booting the systems, review 
/var/adm/syslog/syslog.log for error messages that indicate 
the type of problem. 


m Refer to the following manuals for more information: 


Installing HP-UX 10.01 (10.10 or 10.20) 
Managing HP-UX Software with SD-UX 


QE | have a 735 workstation running HP-UX 10.20. I have 


a very large directory with a great number of small files. I 
found that I was unable to copy the contents of the 
directory to another via the cp(J) command. I received the 
following error: 


# Cp ««/big/* . 


sh: /usr/bin/cp: The parameter list is too long 
How can I copy these files? 


A#&= It is most likely that your problem is caused by the 
finite length of any executable’s argument list. Previously, 
the maximum total argument list size was 20 kilobytes. It is 
important to remember that the environment also 
constitutes the argument list. ; 

One immediate way to remedy the problem is to reduce 
the number of arguments that exec(2) must process. For 
instance: 


# find ../big -exec cp {} . \; 


Recently, a patch was released to address this issue, 
PHKL_10176. It has since been superseded by PHKL_10689. 
This patch allows for the possible allocation of 100 20-KB 
buffers to produce a maximum of 2,048,000 bytes for argu- 
ment/environment information. i) 


General HP-UX questions are answered by Bill Hassell, a support 


engineer at the HP Atlanta Response Center. He can be contacted via 
e-mail at blh@hpuerca.atl. hp.com. Workstation questions are answered 
by Susan Potter, an HP-UX system support engineer in the Atlanta 
Response Center. Her e-mail address is sup@atl. hp.com. 
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Root Password 
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UX System Administration 


THIS MONTH I AM GOING to present 
a solution to providing the root pass- 
word to users when the administration 
staff is not available. 

As the editor indicated a couple of 
months ago, I was unable to write one of 
these columns because I was out of town 
working on a large project. (No, system 
administration is not my primary job.) I 
spent three months on a factory automa- 
tion start-up. During that time I was able 
to dial into my main server two or three 
times a day to check e-mail and make 
sure the systems were running. However, 
I was not able to be reached quickly by 
my colleagues back in Atlanta if they 
needed system administration help, 
since I was usually on the factory floor in 
a hard-hat and a hair net. (Yes, it was 
pretty humorous, but everyone else 
looked funny too.) 

While many of you probably don’t 
leave the office for such a long period of 
time, or travel where you can’t be 
reached easily, what about when you are 
on vacation (or sitting in traffic for hours 
on end)? What if someone needs to get 
into your systems as root to address some 
critical problem? If you are like me, secu- 
rity is the major day-to-day concern. (If 
it isn’t, maybe your major problems are 
caused by too many people being able to 
modify your system?) I was also appre- 
hensive giving the root password to any- 
one, even if they had a good reason for 
having it. 

I hadn’t thought much about my trip 
until a recent thread in the USENET 
comp.unix.admin newsgroup. Someone 
asked the question, How do I give root 
access to users in an emergency? (I can’t 
find the initial post, but that was basi- 
cally the question.) What the poster was 
looking for was suggestions for placing 
the root password on paper, somewhere 


by Chris Curtin 


that it could be accessed, but in such a 
way that he would know when someone 
accessed it. 

After reading the first couple of posts 
in this thread, I wondered what would 
happen if neither I nor the others who 
knew the password could be reached. I 
knew I had some “back doors” built into 
our system which allowed execution of 
commands as root by non-root users. 
But the list of commands was limited 
and the back doors wouldn’t allow the 
user to log in as root. Also, many com- 
mands were cumbersome to execute. 

To address this problem, I wrote the 
root password on a piece of paper, put it 
in a security envelope (the kind with pat- 
terns on the inside that prevent you see- 
ing the contents if you hold the envelope 
up to a light), signed my name across 
the flap, and taped it shut. Nowhere on 
the envelope did I write “root password” 
or anything else that would indicate what 
was in it. What I did write on it was a 
quick description, in terms a local person 
would understand, of what it was. For 
example: “The key to Elvis’ bedroom” 
or “The honey for boo-boo.” In both 
cases, Elvis and boo-boo are computers, 
but an outsider wouldn’t know that. 
Next, I gave it to the office manager to 
place in the on-site storage safe. The only 
people who had access to this safe were 
the owners of the company, the office 
manager, and the receptionist. (You 
need to know the receptionist to under- 
stand why she had a key.) The basic rule 
was: If someone needs the root pass- 
word, and one of the administration 
staff is not around, give him the enve- 
lope. Leave voice mail for me and the 
other staff and get the envelope back 
when the user is done. The user was sup- 
posed to send me e-mail about why he 
needed access. 
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This worked great, except for one 
thing: What if none of the people with 
a key was available? Rare yes, but it did 
happen. I never did address this issue 
before I left a couple of months later. 

Before I present some other sugges- 
tions, I must point out that a user 
doesn’t need the root password to have 
unlimited access to a system if he has 
physical access to the system. With all 
but the most secure versions of UNIX, a 
user with physical access to the server 
can reboot it and gain single-user access 
while the system is booting. This is why 
a physically locked computer room is so 
important to a strong security plan. 

First some ideas for providing root- 
level access to users who need it for spe- 
cific tasks, for example backups, 
mounting CD-ROM drives, rebooting 
the system: 


m@ Obtain sudo from one of the various 
HP-UX public domain software sites. 
This program allows you to assign 
specific users specific commands they 
can execute as root. It also provides 
a nice audit feature that sends the 
real root user e-mail each time it is 
used (or in a batch every couple of 
hours, which is more typical). It is 
provided in source code form, so you 
can look it over before loading it on 
your system. 

m Use the SAM functionality in HP-UX 
10.X to provide SAM access to non- 
root users. While I have never used it 
(and generally don’t use SAM for day- 
to-day tasks), I have heard good 
things about its use for backups by 
non-root users. 

mg Write your own sudolike program. 
While this may have been an option 
a few years ago (before sudo), I 
strongly recommend against it. You 
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have the sudo source code, so make 
sure you understand what it does and 
remove any features you don’t like. 
Also remember you don’t have to call 
the command “sudo.” 


Next, some ideas, some of which are 
odd but might work, and some of which 
are proven to work, for providing root 
access any time to non-privileged users: 


mg Modify sudo to allow any command 
by any user. Leave the auditing capa- 
bilities so you can track who did what. 
There are huge security issues with 
this approach, but it works. 

= Implement a scheme similar to the 
one I used, putting passwords in an 
envelope. Again, the issue I described 
above would need to be addressed. 

mg Implement the envelope scheme, but 
place the envelope in a common 
location (e.g., on page 300 of some 
programming book). This has the 
downside of requiring the adminis- 
tration staff to check that location 
frequently to see if the envelope has 
been opened, and you have no his- 
tory of who opened the envelope. 

m= Implement the envelope scheme, but 
place it on a non-system console ter- 
minal, where the administrator, or 
group of users would notice imme- 
diately if the envelope was missing. 
Same problems as previous idea. 

m Provide all administration staff with 
24-hour beepers. If you do this, make 
sure you pay them for carrying the 
beeper, a per-day rate and a per-call 
rate, and implement a disciplinary 
policy for punishing users who beep 
them if it is later determined that the 
administrator was not needed to 
address the issue. (I’ve heard too 
many horror stories of angry opera- 


tors paging the system administrator 
at all hours because of some personal 
issue. ) 

# Implement a lock-box scheme which 
requires a Key to access. While every- 
one would have the key, you would 
still have the audit trail issues. 

# Implement a lock-box scheme that 
requires two keys to open. Even if 
they are the same key, two must be 
present to unlock the box. Kind of 
like a missile silo. Biggest problem: 
finding another user if it is 3 a.m.— 
and no audit trail. 

m Place the password in an envelope in 
a clear box or behind a glass panel. 
The user must break the glass to 
access the password. It would be hard 
to hide the fact that it had been 
opened, but still no audit trail. 

m Same as above, except add an alarm. 
Sull no audit trail. 


When I need to do this again, for my 
new systems, this is what I am going to do: 


1. Create a second root account (a 
user with UID of 0). 

2. Write a program that returns the 
second root account’s password, 
but can only be executed by root. It 
also sends e-mail to the root user 
each time it is executed. 

3. Set up the second root’s account to 
allow access only from a fixed 
terminal. Use /etc/securetty for this. 

4. Use sudo to limit users who can 
execute the command, including 
the auditing features. 

5. Write a cron task that executes last 
on the second root account every 
minute and sends e-mail to root 
when the user logs in. 

6. Modify the second root’s start-up 
files not just to load a shell but to 


load a shell and then disable the 
account when the user logs out. 
Also, set up the environment for 
the account to record all actions 
the user takes. : 
This method allows one access for 
each secondary root account password 
and provides auditing capabilities and 
immediate notification. What it doesn’t 
do is allow multiple accesses to the sec- 
ondary account while the staff is unavail- 
able. It also requires some very careful 
programming of the access program 
and start-up program. Some advice: Do 
not use a shell script, and use PGP if pos- 
sible for the password being stored. 
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The Quest for Ubiquitous 


by Jonathan Chinitz 


After having worked with DCE for a 
number of years now, I am convinced 
of the following facts: 


m DCE has no competition when it 
comes to a scaleable and interopera- 
ble security framework 

m Building security frameworks is not 
for the light-hearted and should not 
be attempted by the average pro- 
grammer 

m Organizations could actually solve 
some serious security problems if they 
used DCE 

m= Companies want to “deploy” DCE but 
they do not necessarily want to know 
that it is “there” 


Let me explain. 
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DCE 


Who Wants to Buy “Plumbing”? 

For DCE, the age-old motto “seeing is 
believing” just plain doesn’t work. Because 
“seeing” DCE exposes some of its rough 
edges. It is, after all, an extensive frame- 
work of services and programming inter- 
faces. “Seeing” DCE means programming 
directly with it. This requires knowledge, 
training, experience, and a software devel 
opment strategy that says: we are build- 
ing a new foundation for our business. 
Out with the old, or at least out with as 
much of the old as possible, and in with 
the new. How many companies do you 
know that are willing to undertake a major 
re-engineering, retraining and recoding 
effort without guaranteed success? And 
even with guaranteed success the cost 
might be prohibitive. 


I recall a conversation I had a year 
ago with a colleague of mine employed 
by a large university, while we were in 
the lounge at one of the nation’s air- 
ports. This individual has been a long- 
time proponent of the DCE technology. 
He told me that no matter what he did 
to convince the university administra- 
tion that DCE was a real and viable tech- 
nology for the university’s business 
applications, he just couldn’t sell it. 
(How on earth do you sell 4-inch pip- 
ing when your audience wants Victoria’s 
Secret middleware?) This person con- 
cluded that in order to sell DCE he had 
to show what it could do with commer- 
cial off the shelf (COTS) products that 
were of importance to the university. He 
needed to make DCE invisible to the 
naked eye. And that is exactly where 
good plumbing should always reside— 
underneath the applications, support- 
ing the corporation’s line-of-business 
applications, with very little fanfare, but 
with good solid results. 


If You Build It and Bundle It-Will 
They Buy It? 

One recent evolution in the DCE 
marketplace occurred when the DCE 
vendors were forced to rethink the whole 
notion of how DCE is priced and sold 
to the end user. For DCE to be a player 
in the Web marketplace, it has to con- 
form to the business model of that mar- 
ketplace: cheap, readily available, easily 
accessible, and bundled software. For 
those of us who have been involved in 
the DCE community for a while, these 
concepts were never voiced in the same 
sentence in a constructive manner. 

Today DCE is bundled with IBM’s 
AIX and OS/390 operating systems, with 
HP’s HP-UX, and Digital’s Digital UNIX 
operating systems. There is talk about 


doing a port of DCE to Linux (I know 
because I raised the issue at the recent 
DCE SIG meeting in Bellevue, 
Washington) and making it free for 
everyone to use. Microsoft’s Windows 
95 and Windows NT ship with the DCE 
RPC as well. This has been true for quite 
some time, but people did not realize 
this until recently. 

The reason is the press that is being 
generated around the ActiveX Core 
Technologies and DCE integration pro- 
ject that is being run out of the Open 
Group. This project will produce a ref- 
erence implementation of the ActiveX 
core services (a fancy term for 
COM/DCOM) that uses both DCE RPC 
and DCE Security. When this work is 
complete (end of this year) you will be 
able to determine at run-time whether 
you want to run ActiveX components 
that use a DCE security framework—with 
complete interoperability across the 
enterprise. Don’t be surprised if you see 
DCE showing up on your favorite desk- 
top—you won't even know it is there. 

So what’s my point, you ask? I con- 
tend that even if you build the infra- 
structure, people are not going to buy 
it. Why? Because nobody wants to pay 
for infrastructure. The marketplace has 
decided that if technologies like DCE 
are to succeed, they must be free or bun- 
dled with the cost of the standard oper- 
ating environment. Think about it: when 
was the last time you paid for your 
TCP/IP stack? But infrastructure alone 
is not a solution. Customers want to buy 
solutions. Customers need applications 
that make use of the infrastructure, all 
the time, without much ado about it. So 
what better way to catapult DCE into the 
“boxing ring” of large-scale applications 
than to tackle the fastest growing of them 
all: the Web. 


DCE and the Web: A Match Made 
in Heaven 

The DCE/Web Advanced Technology 
Offering from the Open Group (formerly 
the Open Software Foundation), promis- 
es to bring to the Web what is so direly 
missing from it, namely a scaleable secu- 
rity model with built-in authorization. 
With the DCE/Web, users can have pro- 
tected access to their Web objects with- 
out having to dive into HTML or other 
languages to do so. They can accomplish 
all this with their COTS browser through 
a specialized proxy server that “tunnels” 
(read: encapsulates) HTTP traffic inside 
DCE RPCs. By doing so the proxy pro- 
vides the data stream with the security 
properties that we have all come to expect 
from a standard DCE application. As a 
matter of fact, soon students at universi- 
ty campuses will be able to view their 
grades and register for classes safely and 
securely using this technology. 

The Web was the perfect match for 
DCE-like technology. It lacked the basic 
requirements of any large-scale applica- 
tion, namely a robust security model, 
one that included not just encryption, 
but authentication and authorization as 
well; and a scaleable naming architec- 
ture, one that understands how to locate 
objects in a distributed environment and 
supports the federation of disparate 
namespaces through the use of junc- 
tioned mount points. 

The Web also had the other magic 
component that made the integration 
of DCE possible: a proxy mechanism. 
This allowed vendors to develop the DCE 
infrastructure around the Web and “plug 
itin” through the proxy model. No 
changes to any desktop or server appli- 
cation code. Web technology also 
showed signs of immaturity when it came 
to scaling of the servers. This prompted 


Open Group to fill a finer niche: that of 
a scaleable, multi-threaded Web server. 


It’s Not Just the Web That’s Out 
There 

The Web is cool and the Web is hip, 
but the Web is not the entire comput- 
ing industry. The Web, however, does 
highlight a broader market that DCE 
can tackle in much the same way: cor- 
porate Internets, sometimes called 
“intranets.” Everywhere I turn these days 
I run into one of these intranet things. 
Companies have realized that for the 
past 10 to 15 years they have been invest- 
ing in TCP/IP networks to support these 
off-the-shelf, ship-with-my-box applica- 
tions that use these “Internet protocol 
things” such as TELNET, FTP, SMTP 
(mail), NEWS, POP, SNMP, and NFS. 
They now have a vast infrastructure of 
client-server applications, all communi- 
cating over the same network protocol 
stack, none of which share the same secu- 
rity model, much less have any security 
framework at all. 

If only we could “DCE-ize” these appli- 
cations then theoretically DCE would 
become ubiquitous. But doing so would 
mean replacing every COTS product 
with specialized DCE versions of it. This 
is not likely to happen. And what about 
the home-grown legacy applications that 
use TCP/IP through sockets? If we can- 
not bring applications such as TELNET 
and FTP to DCE, then why not bring 
DCE to (read: under) the applications? 
In the same way that the DCE/Web tun- 
nels HTTP through a proxy, why not tun- 
nel generic TCP and UDP traffic inside 
of a DCE RPC? 


DCE/Snare 


We at IntelliSoft have done just that. 
At the Decorum ’97 conference this year 
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Dib 1 CE/Snare 
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we demonstrated a technology that will 
bring the power of the DCE security archi- 
tecture, and the promise of real single 
sign-on, to every TCP/IP-based applica- 
tion. We call it DCE/Snare (see Figure 1). 
Through a remote installation and con- 
figuration process, managed from a 
graphical console, you can drop 
DCE/Snare on any node in your network. 
The management console maintains a 
centralized database of connection rules 
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and object rules. These databases are dis- 
tributed to each and every DCE/Snare 
node automatically, thus enabling DCE 
to secure all TCP and UDP traffic to and 
from any machine. As an example, If you 
don’t want to allow outbound telnet ser- 
vices from any or all machines, just tell 
the DCE/Snare and it will block them. 
The same goes for ftp transfers, Web 
accesses, news reading, etc. DCE/Snare 
can protect any application interaction 


that uses well-known ports. 
On servers where sensi- 
tive corporate information 
is stored, DCE/Snare utilizes 
the DCE access control 
model to provide object- 
level protection and audit- 
ing of each operation and 
each access. This means that 
you can implement a uni- 
form access methodology 
across your NFS mounted 
file systems and your FTP 
directories. Applications 
such as OpenView and 
Netview can securely man- 
age your network nodes with 
SNMP, while a standard 
DCE ACL governs access to 
individual OIDs in a MIB. 


Secure Single Sign-on 

For the first time organi- 
zations will be able to 
implement secure single 
sign-on, with a universal net- 
work identity for each user. 
All that is required is that the 
user perform a DCE login 
and obtain DCE credentials. 
DCE/Snare will make these 
credentials available instantly 
to dozens of client-server 
applications across the cor- 
porate intranet. Since the DCE identity 
is universal, any data tunneled through 
DCE that carries this identity can be 
secured and authorized on any machine 
throughout the enterprise. This is all 
done with no additional programming, 
no library or DLL replacements, and no 
substitution of whole binary applications 
and databases. 

The key to Snare is that it is trans- 
parent—as well it should be. You use 


the exact same applications that you 
used before, only securely this time. 
By using some of the standard fea- 
tures that are available in DCE today, 
Snare extends the sign-on to multi- 
ple authentication mechanisms that 
are not necessarily user name and 
password based (by adding a login 
registry attribute that is attached to 
your DCE principal). This allows for 
seamless integration of one-time 
password generators and even cryp- 
tographic smartcards into the sign- 
on framework, with no extra 
programming. Thanks to DCE’s abil- 
ity to support cross-cell secure RPCs, 
we do not have to limit ourselves to 
securing intranets. Using DCE/Snare 
in cooperation with the corporate 
firewall, system administrators can 
build a virtual private network of 
nodes, using the Internet as the con- 
nectivity medium. The nodes can be 
part of one security domain (read: 
cell) or several different ones. All 
access to the data is totally and trans- 
parently protected. 


Snare of a Lighter Flavor 

But what of those machines that do 
not have DCE capabilities? How do 
they interact with machines that are 
completely secured by DCE? Ideally 
we would want to provide users of 
these machines with a DCE security 
context that would be used whenever 
they attempted to contact a secure 
node inside the “Snared” environ- 
ment. This would put them on equal 
ground with their DCE counterparts. 
This is the role of DCE/Snare-Lite. 
a non-DCE 
machine to request DCE credentials 


Snare-Lite enables 


from a DCE/Snare machine, using the 
DCE machine as its proxy login 
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process. The initial communications 
between the two machines is secured 
using public key technology. The DCE 
security database acts as the certificate 
authority for the public keys that are 
distributed to the non-DCE machines. 
The dynamic schema of the DCE secu- 
rity database allows DCE/Snare and 
other security environments to inte- 
grate themselves into a common 
framework. By removing the con- 
straint of requiring DCE on every 
desktop, but not compromising any 
aspect of the security of that desktop, 
DCE/Snare enables large corpora- 
tions to roll out a security framework 
across different platforms, without the 
management overhead associated with 
DCE on every node. 


Conclusion 
It is my sincere hope that with tech- 
nologies such as the DCE/Web and 
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DCE/Snare, along with the current 
trend of new DCE products being bun- 
dled with DCE and the operating sys- 
tem, all of us are finally on the road to 
“ubiquitous DCE.” i) 


Jonathan Chinitz is president and founder 
of IntellSoft Corporation, a maker of distrib- 
uted management and network security prod- 
ucts. He is a frequent speaker at industry 
events and has written extensively about DCE. 
In his spare time, he is chairman of the world- 
wide DCE SIG. He can be reached at 
jec@isoft.com. Information about DCE/Snare 
can be found at http://www. soft.com/snare. 
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by Michael Ehrhardt 


[Vl stticrnavien 3.0 comes on a single CD. 
So, why does the modestly proportioned 
Mathematica package the UPS driver 
deposits at the doorstep feel so heavy? 
Because Stephen Wolfram’s The 
Mathematica Book, a 1,400-page hardback 
tome, and a 500-page book on Standard 
Add-ons are shipped with the program 
CD. Wolfram’s book contains every- 
thing you could ever wish to know 
about Mathematica. Fortunately, the 
index is thorough—and 80 pages long. 
As you look over the table of contents 
and browse through the chapters of 
The Mathematica Book, any notion you 
may have had that Mathematica 3.0 
was simply a glorified calculator 
quickly fades. It is, in Wolfram’s 


words, “a fully integrated environment 
for technical computing.” 

I got my first glimpse of Mathematica sey- 

eral years ago at an Interex conference. A 

Wolfram representative was at the HP exhibition 

booth because Mathematica had recently been 

made available on the HP-UX platform. I was intrigued by 

the range and flexibility demonstrated. Also, the arbitrarily 

high numerical precision of Version 3.0 was a capability of 

even that earlier release. With the release of Version 3.0, I 
decided it was time to take a serious look at Mathematica. 

This article is meant as an introduction for readers who 
know little or nothing about Mathematica but are interested 
in technical computing systems and may be considering buy- 
ing the program. Mathematica can be used for any kind of 
calculating, both numeric and symbolic (and mixed); scien- 
tists of all stripes, engineers, science and mathematics edu- 
cators all could find the program useful. Almost one hundred 
specialized commercial packages exist that provide specially 
designed Mathematica functions for different scientific, math- 
ematical, and technical fields. 

In a magazine article I can only scratch the surface of this 
large and very flexible program. I shall attempt to give an idea 
of what you can do with Mathematica by going through a 
series of relatively simple examples that I developed as I worked 
with it. These examples in no way demonstrate all the facets 


of Mathematica, but they should give you an idea of how you 
use the program and how you write (simple) Mathematica 
programs. 

The Mathematica Book is encyclopaedic and contains a full 
reference section with a listing of built-in objects, with for- 
mat and parameter examples. The Add-on volume describes 
in detail the additional functions shipped with the standard 
version of the program. But I found a couple of Mathematica 
books helpful in learning Mathematica programming, in 
large part because the wider range of more extended exam- 
ples gives one a better feel for the basic programming tech- 
niques. Two books were especially useful: Mathematica 
Graphics by Tom Wickham-Jones and An Introduction to 
Programming with Mathematica by Richard Gaylord, Samuel 
Kamin, and Paul Wellin. 

Wickham-Jones joined Wolfram Research in 1990 to work 
in R&D; he has been the main developer for graphics. His 
book is straight from the horse’s mouth, as it were, and a very 
useful guide to graphics programming. Mathematica inte- 
grates graphics output with the flow of calculation—that’s 
one of its most important features. You can manipulate graph- 
ics primitives in the Mathematica programming language. All 
the examples in this article involve graphics output. 

The book by Gaylord et al is a good introduction to 
Mathematica programming techniques. The second edition 
includes exercises with solutions (some on the accompany- 
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ing disk). Their book demonstrates and encourages good 
Mathematica programming style. Basically, what you want to 
do is to take full advantage of the system’s hundreds of built- 
in functions. This is a somewhat different style from that of, say, 
the C programmer. Although, if you know C, you will find 
much that is familiar in Mathematica syntax. 

A third book I used is Alfred Gray’s Modern Differential Geometry 
of Curves and Surfaces. The title says it all. What is unique about 
this text is that Gray uses Mathematica throughout to explore 
the intricacies, mathematical and graphical, of his subject. I 
must say, I think Mathematica is an excellent teaching and 
learning tool—always assuming, of course, that students have a 
firm penciland-paper grasp of the fundamentals. 


Overview 

In its standard form Mathematica 3.0 consists of two parts: 
The kernel, and the front end. The kernel evaluates expres- 
sions and does the actual calculating. The front end takes 
care of your input; it is your interface with Mathematica and 
handles formatting and graphics representation, and so on. 
You can run a command-line system without the front end, 
though I can’t see doing it if you don’t have to. On HP-UX, the 
front end is X Window System-based; the Mac and Windows 
95/NT have’ their own front ends. 

You can work in the front end without calling up the ker- 
nel. That is, you can edit text, change formatting, etc. in a 
document without recalculating anything. You can also run 
several Mathematica kernels, on local or remote systems, from 
a single notebook. 


Notebooks 

A Mathematica document is called a notebook. It is a plat- 
form-independent ASCII file that you can share with 
Mathematica users who have systems different from your own. 
Wolfram Research makes available a free Mathematica read- 
er that enables colleagues who do not have the program to 
read your Mathematica notebooks. You can send notebook 
files as e-mail, on disk, etc., to other Mathematica users. You 
can also export notebooks as Web documents in HTML for- 
mat, as TEX, and as RTF. Graphic elements can be exported 
as bitmap, EPS, metafile, and so on. 

When you start Mathematica, the front end loads, and you 
are presented with a default new notebook window. All your 
input and output happens in the notebook. The kernel starts 
the first time you ask Mathematica to perform a calculation 


bem Oi p-ux/usr = july/aug 1997 


by typing [shift] [enter], or by hitting the [enter] key on the 
numeric keypad. Using the main keyboard’s [enter] key alone 
merely performs a carriage return. This enables you, for exam- 
ple, to format function definitions so that they are as easy as 
possible to read and understand. 

The notebook is a series of cells. Brackets running down the 
right-hand side of the window indicate the extent and group- 
ing of cells (you can hide the cell brackets if you wish). Cells 
have different properties depending on their type. Text cells 
allow you to enter and format text as you wish. You could write 
an article or book in a notebook, blending text, graphics, and 
calculations. Teachers should find it easy to create interactive 
course material in the form of Mathematica notebooks. 

Figure 1 shows a screen shot of a Mathematica session. 
You see the notebook window as well as several palettes. 
Mathematica has a number of input and formatting palettes 
that make entering standard formulae and symbols as easy 
and fast as a mouse click. The palette labelled Display I cre- 
ated and added to the collection of palettes. It contains 
graphics options I use frequently. I placed the palette file in 
the Mathematica palettes subdirectory, so it is listed in the 
palettes menu along with the program’s own palettes. It is 
easy to create your own palettes by using a menu option 
that converts a notebook to a palette. 

Basic formatting and cell manipulation options are avail- 
able in the menus across the top of the Mathematica main 
window. The system has been designed to be easy to use. You 
do have to become used to the flow of cells, but going back 
and changing input and editing is easy. You can change 
parameter values in a calculation and recalculate simply 
by typing [shift] [enter] again in the cell. Graphics objects 
are in PostScript format, and can be resized quickly with 
the mouse. 


Entering input 

Just start typing. Ifyou type 3 + 4 and then [shift] [enter], 
Mathematica responds by inserting In/1] : in front of your 
input and, on the next line, Out /1]: 7. You do not type the 
In[..J: and Out[...] :. Each session of a notebook starts with 
In/Out [1], and increments by one until your last calculation. 
The % symbol stands for the last output, which you can use in 
the next input. You can also number the %, e.g., %3, to use out- 
put further back in the notebook as subsequent input. A menu 
option enables you to hide the In/out [...] if you wish to. 

The usual mathematical symbols have the usual meanings: 
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FIGURE 1 


A Mathematica Session 


Si{pi_. p2_}] := {-p2, pi} 


x2[a_][t_] := 
D[a[t], {t, 2}]- 
S[Blaft}, ts 
Simplify[D[a[t],. t] - 
D[ aft}, t]}*( 372) 


su punramancsauntianiannunuenisinty 


eight{[t_] == 
{Sin[t], Sin[t] Cos[t]} 


ParametricPlot[ 
eight[t], {t, 0, 2Pi}, 


2¥2 (-4Cos[t]}? Sin[t] - Sin[t] (-Cos[t]? + Sin{t]*) 
(2 +Cos[2t]} +Cos[4t])7/? 
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m Plus + 
ms Minus - 
= Times * 
m Divide / 
m Exponent am 


Operations have the same precedence as in standard 
mathematics. Multiplication can be, and normally is, 
indicated by a space between elements, rather than the 
asterisk. Thus a*b and a_ b both represent a times b. 
Moreover, a number followed immediately by a letter is taken 
to mean number times letter(s): 4ab is 4 times ab, and you 
will notice that Mathematica spaces the ab the moment you 
type it right after the 4. Obviously, you cannot create variable 
names that begin with numbers (x2 is all right). 

Input and output can be formatted in several ways. The 
default, called StandardForm, is a blend of mathematical nota- 
tion and computer language syntax that is consistent and 
unambiguous. Gaylord et al recommend using and getting 
used to the StandardForm style, and I think they are right. 
You can use TraditionalForm, which looks like math book 
text. This is useful for presentation, or, indeed, for writing 
papers and books in Mathematica. It is easy to mix the styles, 
using StandardForm for input, for example, and Tra- 
ditionalForm for output. 

You can use the mouse to place notation from a palette in 
your notebook; the cursor is automatically placed at the inser- 
tion point for the entry of input. So, for example, you can 
enter an integral in StandardForm: 


In[2]:= Integrate[Log[1+x] / Sqrt[x] ,x] 


or you can click on the integral symbol in the input palette 
(see Figure 1) and fill in the data. 

To make Mathematica programming as intuitive and flex- 
ible as possible, the designers have made certain aspects of 
the syntax and form consistent. So, throughout Mathematica, 


= Arguments to functions are enclosed within brackets— 
funci[a_, b_, ¢_] 

m Arguments within brackets on the left-hand side of function 
definitions have a following underscore, called a blank in 
Mathematica 

gw Names of Mathematica built-in functions begin with capi- 


tals—Plot [...], Sin[x] 


mw Except for common short forms such as Sin, Cos, and 
Sqrt, Mathematica function names are spelt out in full— 
ParametricPlot3Dl...], 
mw Lists are enclosed within braces—{a,b,c} 


Integrate [...] 


mw Elements in a sequence are separated by commas— 
f[a,b,c] 


You do have to get used to putting the underscores with 
variable definitions. Forgetting them is a common mistake. 
In addition to the single blank, two (__) stand for one or 
more arguments, and three (__) stand for zero or more argu- 
ments. You can easily write functions that take a variable num- 
ber of arguments. 

Parentheses are used only for grouping expressions—not 
to enclose function arguments, and not to enclose lists of 
objects. If you’re used to writing C functions, just remember 
to use the brackets for functions. 

The naming of functions in Mathematica is very intu- 
itive—for the most part, everything is fully spelt out. That 
involves a bit more typing, but you really can’t get the name 
wrong. There are more than a thousand built-in functions 
if you include the standard Add-ons. You don’t have to 
remember them all: their names are what they do, run 
together as one word with each whole word part capital- 
ized, asin ParametricPlot3D, SurfacePlot, AddTo, 
NestList, 

Because Mathematica’s built-in functions begin with capitals, 


StandardDeviation, and so on. 


it is best to name your own functions without capitalized first 
letters (at least) so that you can always tell at a glance whether 
a given function is one of your own or built-in. The capital- 
ization obtains with all of Mathematica’s basic constants as well: 


m the natural logarithm base is E 


the square root of -1 is I 
m Tis Pi 


It’s a good idea to avoid single-capital-letter names as 
well; N, for instance, is the built-in command to convert 
expressions to real numbers and D is the derivative. If in 
doubt, you can always ask Mathematica by typing 
?expression; if expression is a Mathematica symbol, 
you will get back a description. 

Functions that work in similar ways have the same form, so 
once you get a few basic function forms down, you can easily 
enter the arguments of a function you have not used before by 
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following the structure that is logical for that function. For 
instance, a basic function structure in Mathematica is 


Function[expression, {iterators}]. 


Plot [fimc- 
Integrate[function, 


So, we have Table[expr, {iterators}], 


tion, {x, xmin, xmax}], 
{x, xmin, xmax}], and so on. The argument structure 
of these functions is the same. Once you get a feel for 
these basic structures, you can manipulate functions quite 


easily. 


Expressions 

The underlying and unifying idea behind Mathematica is 
that everything is an expression. The basic form for expressions 
is head[arg), argo, ... arg, ]. Arguments are numbered from 1 
to n going from left to right and from -1 going from right to 
left, 1.e., starting at the nth argument. The head is part 0 of the 
expression. You can extract the head of an expression either 
with the Head function or with the Part function. The head 
of an expression can be another expression. 

The built-in function FullForm returns the standard 
expression form of its argument. This is a handy tool for check- 
ing the way Mathematica represents expressions you are using. 
For example, ifwe enter FullForm[a+ 2 b], the output is 
Plus[a, Times[2,b]]. (Recall that the space between 2 
and b means 2 times b.) That is how Mathematica represents 
the expression internally. The head of compound expressions 
is the name of the outermost function; in the above example 
Head [%] would return Plus. If we type instead Full Form[a 
(b+2) ], Mathematica returns Times[a, Plus[2,b]]. 
The head now is Times. 

In its parsing mechanism Mathematica reduces expres- 
sions to combinations of the three basic types of expression 
called atoms. They are so named because, unlike other kinds 
of expressions, atoms have no parts. The three atoms are 
symbol, string, and number. 

A symbol is a letter followed immediately by letters and 
numbers. Variable names, for example, are symbols. 

A string is a series of characters enclosed within quotation 
marks—*“This is a string.” 

The head of a symbol or string is the kind of atom it is. If we 
enter Head[“A test”], the output is String and 
Head [variable] returns Symbol. 

A number is one of the four number types in Mathematica: 
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integer, real, rational, and complex. The head of a number is the 
kind of number it is: Head[6.009] returns Real and 
Head[7 - 3.1 I] returns Complex. 

When we write a Mathematica program, we create a set of 
rewrite rules that involve expressions. Mathematica uses pat- 
tern matching to evaluate expressions and apply transforma- 
tion rules that, at the end of a series of substitutions for 
matched patterns, convert the component expressions to 
objects that can be calculated. The built-in functions are one 
kind of rewrite rule. The other is the user-defined rewrite rule. 


Building Functions 

A rewrite rule has two parts: a pattern on the left-hand side, and 
replacement text on the right. We can create a rewrite rule using 
either the Set or the SetDelayed function. The standard 
notation for Set is the equals sign (=). For SetDelayed we use 
colon equals sign (: =). The difference between the two is that Set 
evaluates the right-hand side and returns the value. We use Set 
for entering initial values and assigning values to parameters, etc. 

SetDelayed does not evaluate the right-hand side imme- 
diately. We usually use SetDelayed for entering user-defined 
functions. The left-hand side of a function starts with a name. 
Names in the examples given below follow the naming/spelling 
conventions outlined earlier. The name may be followed by a 
sequence of patterns enclosed within brackets. The usual 
pattern is a symbol ending with an attached blank(s). Such a 
pattern is called a pattern variable or labelled pattern. 

A pattern variable such as x_ stands for any expression. 
If we make the function cube[x_] := x%*3,wecan enter 
any kind of number in cube: cube[3/4], cube[Sin 
[Pi/3]], cube[1.2]. In each case, the cube of the given 
number is returned. We can also specify the type of head a 
pattern must have to match input by appending a name to 
the blank. So, if we write cube [x_Integer] := x%3, only 
integer values will be evaluated. If we enter, for example, a 
rational, cube [3/4], the output is simply the unevaluated 
function, cube [3/4]. It is worth pointing out that to 
Mathematica, rationals, integers, reals, and complex numbers 
are distinct, even though we can view rationals as a subset of 
the reals, reals as a subset of complex numbers, and so on. In 
writing transformation rules and conditional tests, it is some- 
times necessary to specify the type of number involved. 

The right-hand side of a function definition can contain 
a series of declarations, calculations, auxiliary functions, 
etc. These are separated by semicolons and enclosed in 


Stuck using tar? 


(or foackup, cpio, or dump?) 


What a sticky mess! Standard UNIX backup utilities force you to glue 
on scripts to make them work right, have performance like molasses, 
user interfaces that are clear as pitch, and reliability that could 
drag your career down into a pit. It’s time to kick asphalt. Load 
BACKUP/9000 (it takes less than 10 minutes), and automate 
super fast, reliable backups and restores on any networked 
system via its slick user interface. Let BACKUP/9000 back 

up your Oracle databases hot, track tapes and files, manage 
media, schedule backups, etc. Don’t get stuck - get 

something faster, easier, and more reliable. Contact us 

for a free demo today, before things get really messy. 


ORBiT. 


GROUP INTERNATIONAL )) 


+1-800-890ORBIT 
+1-510-837-4143 
Fax +1-510-837-5752 
info @orbitsw.com 
www.orbitsw.com 
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parentheses. Rewrite rules you enter in a session go into what 
is known as the Global Rule Base, which always contains the built- 
in functions. The declarations and names you use in com- 
pound functions all go in this base and remain there during the 
current session unless removed (by using the Clear[... ] 
function). In general, we don’t want dummy and temporary 
variables cluttering our Mathematica landscape, so it is a good 
idea to enclose the right-hand side of compound functions in 
the Module function. The syntax is 


Module[{variables..}, expr; expr;. . .] 


All the local variable names inside the function are listed at 
the beginning, within braces. A comma follows the list, so 
we don’t need parentheses around everything. Simply write 
the expressions in the compound function, separating 
them with semicolons. A closing bracket ends the module. 
This way, the names you use inside the compound function 
are kept local to the function and do not appear in the 
Global Rule Base. 


Transformation Rules 

As we use our functions, we’ll frequently wish to substi- 
tute a value for a variable, or set an option in a function. We 
use transformation rules of the forma -> b (Rule),and 
a :> b (RuleDelayed), often in conjunction with the 
replacement operators /. And //. The interesting thing about 
Mathematica’s transformations rules is that they operate not 
only on literal expressions but on patterns as well. We can, 
moreover, give a sequence of rules—naturally, in a braces- 
enclosed list. Here are some simple examples: 


In[1]: 
Out [1]: 


x +y2/. x -> 3 


3 + y2 


In[{2]: £[x] + fly] /. 
Out [2]: 


f[t_] -> 2t 
2x + 2y 


In[3]: £[x+y] - gly] /. 
Out [3]: q - g[r] 


{f£[s_]-> q, y-> r} 


The first is a straight substitution of 3 for x. In the 
second and third examples we have used a pattern: 
£{[t_] means f of any expression, so y and x are 
replaced by 2y and 2x. Likewise, £[s_] means f of any 
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expression, so [x+y] is replaced by q. y _ goes to r. 
The single replacement operator /. (ReplaceA11) tries 
each rule in a sequence once only on each part of the 
expression. As soon as a matching pattern is found the 
result is returned and the part of the expression affected 
is no longer tested. 

The multiple replacement operator //. (Replace- 
Repeated) applies /. repeatedly until the result no longer 
changes. This makes transformations to subparts, for example, 
that would be missed by /. We must be careful with //. It is easy 
to create an infinite loop as in 


x /fs XM => 3x, 


which will go until MaxIterations is reached (the 
default is 65536). 

Rule evaluates the right-hand side immediately. That isn’t 
always what we want. For example, 
£[(2,4,6] /. t_f£ -> Max[First[t],7] 
yields an error: “Nonatomic expression expected in position 1 in 
First[t].” Why? Because Rule evaluates First [t] and t is 
not a sequence of elements. We want the rule to look for 


(t_f£) and then substitute the 
Max of the first element in the expression and 7. The trick 


any expression with head f£ 
is to use RuleDelayed. If we write 


£[2,4,6] /. t_f :> Max[First[t],7] 
no error is generated. The evaluation of First is not made 
on t but on the sequence 2, 4, 6, which is what we want. 

With that condensed look at Mathematica fundamen- 
tals, it is time to look at a few real, albeit simple, programs. 
All the following examples involve graphics output, in part 
because of a personal predilection and in part because I 
wish to demonstrate some of the graphics capabilities of 
the program. I could have concentrated on statistics, on dif 
ferential equations, on number theory, or on anything that 
lends itself to mathematical representation. The program is 
large and it is flexible. ; 
Programming 

We will begin with an old friend from high school geome- 
try: the involute of a circle. Ifyou unwind an imaginary string 


around a circle, keeping it taut, that is, tangent at its point of 
contact with the circle, the end of the string will describe the 
involute of the circle. Given a circle of radius a centered at 
the origin, as the radius line (a units long) sweeps from some 
starting point through an angular distance 0, the length of 
string peeled off is ad units. Our program draws the circle, 
the radius line to the point on the circle that corresponds to @, 
the ad-long tangent line from that point to the involute, and 
the involute curve. We get not only the curve but the geometric 
elements from which it is generated. 

The point on the circle corresponding to @ is (a cos@, 
a sin). Ifyou think of adding vectors, the point on the in- 
volute is the sum of the radius line at @ and the ad-long tangent 
line at @. So, the point on the involute is at (a cosd + a @ 
sind, a sing - a @ sind). We could simply use that in 
ParametricPlot to generate the involute, but instead we will 
create a list of graphics primitives and give them to the 
Graphics function: 


Involute of a Circle 


In{12]:= generator[a_, ¢_] := 
{Circle[{0, 0}, a], 
Line [ 
{{0, 0}, {aCos[¢], aSin[¢]}, 
{aCos[¢] + agSin[¢], 
aSin[¢] - agCos[¢]}}] 
} 


inf13]:= Part[generator[1, $], 2,1, 3] 
Out[13]= {Cos[¢] +¢Sin[¢], -¢Cos[¢] +Sin[¢]} 


In{14}:= curve[a_, @ _] := Line[ 

Table[ 

Part[generator[a, $], 2,1, 3], 

{¢, 0, 6, 0.1}]] 
In{15}:= Show[ 
Graphics[{generator[1i, 10 Pi/ 3], 
curve[1, 4Pi]}], 

AspectRatio -> Automatic, 

Axes -> True, 

Frame -> True, 

PlotRange -> All ]; 


-10 


~j0=7,6 <5 -2.5 6 2.6 6 7.6 


Our first function is called generator. It takes as argu- 
ments the radius of the circle and the parameter 0. The right- 
hand side of the function is a list of graphics primitives: it isn’t 
really a function at all. Remember, lists are enclosed within 
braces. The primitives are Circle, and Line. These both have 
normal expression structure: name plus brackets with argu- 
ments. Arguments to Circle are the x,y values of the center 
(notice the enclosing braces—they’re a list) and the radius. 
Line is very handy; it draws straight lines from one point to 
the next in the sequence of points you give as arguments. The 
whole (broken) line is a list of points, and therefore enclosed 
within braces, and the individual points are lists of x,y values, also 
enclosed within braces. generator gives us the circle and the 
two straight lines. What about the curve itself? 

The points of the involute are the third argument in the 
Line primitive. We can extract them using the Part func- 
tion. This also has a shorthand representation using double 
brackets, which we shall use later. How does it work? Well, the 
first part of generator is the Circle—we don’t want that. 
We want the second part, Line. The outermost part of Line 
is a list, which we want. That is level 1 of the Line list. All of 
its parts are lists as well—the points of the line. Of those we 
want the third list, the points on the involute. So, going inside 
the levels of generator, we take the second element, Line 
(2), the first element of Line, the list of points (1), and the 
third point list (3). As you can see in the program, the syntax 
of Part is Part[expr, levels ...] all comma-separated. 
Hence, Part [generator[1, 6], 2,1,3]. 
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Our second function, curve, creates the point list for the 
involute. It isa Line. The Line is constructed by building a table 
of point values. The Table command is one of the handiest in 


Inft7}= spiral = curve3D[1, 4Pi, 29]; 


Mathematica. Table uses an expression and iteration para- In{18]:= 
meters to create a list of elements. You can use it to build vec- Show[Graphics3D[{spiral, 
tors, matrices, and tensors. The function evaluates the expression Line[{{0, 0, 0}, {1, 0, 0}, 
for each value of the iterator. You can have more than one iter- Last[Part[spiral, 1]]}], 
ation parameter, in which case the second parameter is run spiral2 = spiral /. 
through for each value of the first. Notice the standard syntax {q_, r_, 8_} => 
of Table: an expression and a parameter list enclosed within {q, ©, -S}, 
braces. We use here the full iterator specification—parameter, Line[{{1, : , 0}, 
Last 


starting value, ending value, and increment. If we had left out 
the increment, Table would have used 1. Line draws straight Part[spiral2, 1]]}] 


lines, so we want a small increment of @ so that the curve will be i], 
BoxRatios -> Automatic, 


Axes -> True, 
AxesEdge -> 

{{-1, -1}, 
Automatic, Automatic}, 
PlotRange -> All, 
Boxed -> False, 
ViewPoint -> 

{1.174, =-2.135, 0}]; 


smooth. I could have given Table the actual formula for the 
involute, but I wanted to show the use of the Part command. 

To draw the complete involute plus generating lines, we 
use Graphics, which creates a two-dimensional representa- 
tion using the primitives and Show, which does the actual 
drawing on the screen. The structure of Graphics is 
Graphics[primitives, options]. Showcan be used 
to redraw a Graphics object with different options or dif- 
ferent values to options. It provides a quick way to alter and edit 
graphics output. Notice that the options are set using Rule: 
option -> value and that the primitives given to Graphics are 
created by evaluating generator and curve. I have given dif- 
ferent values for @ in the two functions so that the involute 
goes to 47 and the generating tangent is shown at@ = 1077/3. 

All the graphics functions take a fairly large number of i 
options. Many we can leave at default values. AspectRatio we 
cannot because it isn’t equal valued in xand y directions. The 
value Automatic makes x and y lengths equal. PlotRange 
is set to Al 1 to enforce a complete rendition of the curve. The 
default action is to reduce the picture to “the most interest- 
ing” area and clip out the rest. Axes and Frame do what their Or 


names imply. I have left the graph in its simplest form. We 
could add labels, tick marks, a frame name, and so on. We 
could change the font of the numbers if we wished. Now let’s 
add a zvalue and draw the curve in three dimensions: 


Involute Traced in 3D 


Inf{16]:= curve3D[a_, @_, z_] :=Line[ 20) . 


Table[ Flatten[{Part[ = 
generator[a, ¢], 2,1, 3], z}], eines x 5 
{, 9,6, 0.1}]]; 
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Here we have created a second curve function, curve3D. 
The arguments to curve3D are the circle radius, the para- 
meter, and zas a function of the parameter. Line is perfectly 
happy in three dimensions; we simply give three-valued 
lists as the points. Again, we use Table to generate a set 
of points. The new function here is Flatten. This func- 
tion flattens out nested lists. The combination of the x,y 
values of the involute and the z values are within braces. 
But the x,y values extracted from generator are already 
a list within braces. Line wants a list of three values for 
each point; we can’t have the extra braces (a nested list). 
Flatten removes the braces around the x,y values from 
generator so that x,y, and z values are one sequence 
enclosed in one set of braces. As you should be able to see 
now, Mathematica has a wide range of functions that manip- 
ulate expressions, allowing you to transform data in one 
context and use them in another. 

spiral is the line generated by curve3D for the unit cir- 
cle again, with the parameter going to 4% and z being 20. 
Notice that we are giving 20 as an argument to curve3D 
rather than a numerical value. © is evaluated as the table is 
constructed from generator, with @ running from 0 to 47. 

This time we give Show a Graphics3D object since our 
line is now a curve in three dimensions. Graphics3D is the 
three dimensional function that makes representations from 
primitives and options. We draw the spiral as well as a radius 
line from the center of the originating circle and a line from 
there to the end point of the curve. This last point we get by 
extracting the last point in the Line listin spiral using the 
Last function. Part is used again—remember the list of 
points is part 1. As you might expect, there is also a First 
function. Now look carefully at spiral2, suddenly popping 
up in the midst of the Graphics primitives. What is going on? 

spiral2 is spiral with a transformation rule applied. 
Note the RuleDelayed symbol, : >. The pattern to be 
matched is any list of three elements—{q_, r_, s_}. Well, 
spiral isa list of three-element lists—the points of the curve. 
So the rule will be applied to each point in the list in spiral. 
The rule says take the negative of the third value, i.e., draw 
the curve with z values negative. A line is also drawn from the 
circle to the endpoint on the negative curve. The resulting 
graph is shown above. As you can see, transformation rules 
can make programming very concise. 

The options are pretty obvious. BoxRatios is the 3D 
equivalent of AspectRatio. AxesEdge stipulates which 


edges of the bounding box axes are to be drawn on. The 
values must be I, -1, or Automatic. 1 means an edge with 
a larger value of the coordinate, -1 an edge with a smaller 
value. Boxed set to False omits the bounding box 
around the graph. 

The ViewPoint option sets the point in space from which 
the graphics object is viewed. It is relative to a three-dimen- 
sional box containing the object. The viewpoint is set using 
a special coordinate system scaled such that the longest side 
of the bounding box is length 1. The front end has a useful 
viewpoint viewer you can call up from the main menu. It 
shows a bounding box and a set of sliders with which to 
change the viewpoint. You can paste a value from the viewer 
into your notebook. 

Having drawn a curve in three dimensions, let’s turn our 
attention to surfaces. We shall start with Dini’s surface: 


Dini's Surface 


dini[a_,b ][¢_, 9_] 
{aCos[¢] Sin[g], 
aSin[¢] Sin[¢g], 
a (Cos[@] + 
Log[Tan[gy/2]]) + b¢} 


testl = 
ParametricPlot3D [Evaluate [ 
gdini(s6, .5ifa, r]]z 
fq, 0, @Pi}, {r, 0.001, 2}, 
PlotPoints -> {90, 50}, 
DisplayFunction -> 
Identity] ; 


Show [Graphics3D[{EdgeForm[], 
First[test1]}, 
Boxed -> False, 
Axes -> False ]]; 


The graph of Dini’s surface is shown in Figure 2. It is a 
twisted pseudosphere: a generalized helicoid of slant b con- 
structed from a tractrix. Interestingly, it has constant negative 
Gaussian curvature of -1/ (a? + b?) . A tractrix is a plane 
curve starting at a point (a, 0) such that the distance along 
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the tangent line from the curve to the vertical axis is constant 
for all points on the curve. A generalized helicoid is generat- 
ed by a curve (here the tractrix) that is rotated about a fixed 
axis and translated in the direction of the axis with a constant 
velocity that is a multiple of the velocity of rotation. 

Unlike our first example, Dini’s surface is generated from 
a parametric representation. Thus, the right-hand side of the 
function dini isa three-element list of the x,y,z values in para- 
metric form. The generating tractrix has the form a{Sin[Q] , 
Cos[@] + Log[Tan[@/2]]}. The rotation parameter is 0. 
Note, again, that the list of values is enclosed within braces. The 
left-hand side of dini is interesting. Notice the double sets of 
brackets, one enclosing the constants, [a_,b_], and one the 
parameters [@_,0_]. That’s perfectly legal; in a sense it allows 
us to index the function by the constants. 

ParametricPlot3D does just what it says. It creates a 3D 
surface plot using the parametric form—(/x, fy, fz, color}. Color 
is optional. It must evaluate to a real number between 0 and 
1. I have not supplied a color function. 

We feed ParametricPlot3D dini, with values for the 
constants supplied. ParametricPlot3D will plot a graph 
with @ running from 0 to 8% and @ from .001 to 2. We use 
the Evaluate command on dini because we want 
Mathematica to evaluate the function with the given constants 
and supply a point list that ParametricPlot3D can use with 
the iteration parameters. Unevaluated, dini doesn’t produce 
a list of three expressions ParametricPlot3D can use to 
draw and the program will complain. Notice that the itera- 
tors are written in succession, enclosed within braces and 
comma separated, as always. As with Table, you give the iter- 
ator, the starting value, and the ending value. 

The options follow the iterators. PlotPoints con- 
trols the number of sampling points. Here {90, 
50}means 90 in the x-direction and 50 in the y-direction. 
DisplayFunction->Identity actually turns off the 
display of output from ParametricPlot3D. Why would 
we wish to do that? Because we are going to modify the 
output before displaying it. We give the polygons calcu- 
lated by ParametricPlot3D to Graphics3D, using 
Show. Recall I said there was a First command. Here it 
extracts the polygon primitives—Graphics3D works with 
primitives. EdgeForm[] controls the look of polygon 
edges in 3D graphics. Called without parameters, it means 
no edges, i.e., a smooth unruled surface like the one in 
Figure 2. 


Our next example is a shell drawn about a helix. It is sim- 
ilar to a tube about a curve, but in the case of the shell, the 
radius of the tube varies from point to point. You can gener- 
ate some very interesting figures this way: 


Helix Shell 


Needs ["ktbn°"] 


tubeshell[y_][(r_][t_, @_] := 
y[t] + 
rt (Cos[@] normal[y][t] + 
Sin[96@] binormal [y] [t] ) 


helixfa_,b ][t_] :=f{ 
aCos[t], aSin[t], bt} 


shell = 
ParametricPlot3D[tubeshell [ 
helix[1, 0.5]] [0.2] 
[t, 6] // Evaluate, 
ft, Pi/ 4, 5Pi}, (6, 0, 2 Pi}, 
PlotPoints -> {60, 40}, 
DisplayFunction -> 
Identity] ; 


The first thing you notice is the line Needs [“ktbn*”]. 
The ~ is a Mathematica context marker. I have created a file 
called ktbn .m that contains several lengthy differential geome- 
try functions, in particular, T, N, and B, the tangent, normal, 
and binormal, which involve cross and dot products and deriv- 
atives. I used the lowercase names instead of the convention- 
al capital letters so as not to clash with any Mathematica built-in 
objects. The front end has an option to save a notebook in 
what is called package form. Packages are just notebooks that 
group together related functions, constants, etc. Instead of 
having to write out the normal and binormal, etc., we simply 
read in the package kt bn using the Needs function. I placed 
the file in the AddOns subdirectory under Mathematica, where 
the program looks by default. 
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tubeshell takes a parametric function for a space 
curve and adds to the x,y, and z values the value of the 
expression you see above involving the normal and binor- 
mal. Both normal and binormal are perpendicular to 
the curve Y. 

All List objects have the property that f[{a,b,c,...}] 
returns {f[la],f£[5], f[¢] ,..} If you write fa, b, ¢} 
+ x, Mathematica returns {a+x, b+x, c+x}.The helix 
function takes constants radius (a) and slope (b). We 
then give the helix function to tubeshel1 inside a 
ParametricPlot3D call, using Evaluate. Again, we use 
the option DisplayFunction->Identity, which turns 
off the display of the graph. We’re going to modify it and 
the hand it to Show: 


Show [ 
Graphics3D[{EdgeForm[], 
First[shell]}], 
BoxRatios -> {1, 1, 2}, 
Boxed -> False, 
ViewPoint -> 
{-0.299, ~2.431, 
AmbientLight > 
GrayLevel [0], 


-0.611}, 


LightSources -> { 

{{0, 0, 1}, 
RGBColor[0, 0, 1]}, 
{{1, 0, 0.4}, 
RGBColor[1, 0, 0]}, 
{{0, 1, 0.4}, 
RGBColor[0, 1, 0]}}]; 


We give Graphics3D the primitives generated in the 
ParametricPlot3D call by extracting them with 
First [shell]. As with the curve generated by dini, we 
use the EdgeForm[] command to suppress edge lines in the 
graph. 

LightSources controls the direction and color of sim- 
ulated light. This option can be set to enhance the sense of 
three dimensionality. The structure of the option is /sourcel, 
source2,...} where each source has a direction and a color. The 
direction is specified relative to a coordinate system with x 
and y directions horizontal and vertical in the plane of the 


display (or page) and z coming out toward the viewer in the 
positive direction. Only the relative magnitude of the compo- 
nents is relevant. The colors can be designated using 
GrayLevel, Hue, or RGBColor. I have used the last. The 
scale runs from 0 to 1. 

The AmbientLight setting controls the simulated ambi- 
ent illumination. Adding more ambient light lightens the 
effect of the colors. I have set it to zero using the GrayLevel 
function, that is, no ambient light, which is Mathematica’s 
default setting. A sample graph is shown in Figure 3. 

For our final example, we shall turn to a picture in 
Wickham-Jones’s book: 


He gives this as a demonstration of foreshortening and 
the convergence of parallel lines at the vanishing point. It is 
like an exercise in perspective drawing. He notes that the 
picture was produced in Mathematica but omits the code 
because it is “slightly complex.” I thought it would be an 
interesting exercise to reproduce the picture in the book. 
My solution is a simple two-dimensional graph. I have 
added colors to the tiles, and generalized the picture in a 
function that allows one to alter the dimensions of the 
inner and outer boxes. 

The graph above is square, which permits certain simpli- 
fications. Our function draws the outer and inner rectangles, 
the lines going from top and bottom of the outer rectangle to 
the vanishing point, and 9 X 9 grids of tiles on floor and 
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ceiling, alternating colored and white. What we do, basically, 
is use the two-point formula for a straight line repeatedly to get 
the vertices of the tiles. Let’s stick with the square for the 
moment: 


gridi = Table[Line[{{i, 0}, {9-i, 9}}], 
{i, 0, 9}]; 


boxes = {Line[{{0, 0}, {0, 9}, 
{9, 9}, (9, OF, {0, 0}}], 

Line[{{3, 3}, {6, 3}, 
{6, G6), (3; 6), 13, 31)1s 


‘directions = Line[{{0, 0}, {6, 3}}]; 


y = Table[4.53/ (4.543), {3, 9, 9}] 


{0, 0.818182, 1.38462, 1.8, 2.11765, 
2.36842, 2.57143, 2.73913, 2.88, 3.} 


The inner and outer boxes are drawn using Line. The outer 
square is 9 units by 9 units, the inner, centered within the outer 
at (4.5,4.5),is 3 by 3 units. The vanishing point is in the cen- 
ter and is merely the point where the lines from top and bot- 
tom of the outer box cross. So, to draw the lines—which coincide 
with the edges of the tiles—we simply use Table to generate 
lines that go from bottom to top of the outer box: (0,0) to 
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(9,9), (1,0) to (8,9), etc. That’s grid in the code above. 

Notice the line (directions) that goes from (0,0) to the 
right-hand bottom of the inner box at (6,3). This is strictly a 
construction line: it goes through corners of tiles, giving us a 
way to calculate the y values of the horizontal edges of the tiles. 
We use the two-point formula for the straight line twice: for the 
line from (0,0) to (6,3) and for all the lines from (3,0) 
to (4.5,4.5).The points where those lines cross give us the 
y values, so we simply substitute x values from one two-point 
equation into the other. In the case of this square, the equation 
is very compact, since the line from (0,0) to (6,3) is simply 
x = 2y.So our yvaluesare:y = Table[4.5j/(4.5+j), 
{j,0,9}]. The generalized formula is slightly more compli- 
cated, but the same algorithm is used. 

We apply the two-point formula again to create an array of 
x values. The y values work for all the tiles—it’s a single list of 
numbers. For x values we need 10 sets of values—the 10 rows 
of x values for the vertices of the tiles. This will be a two dimen- 
sional array. 


The two-point formula is applied to the ylines and the lines 
from (j,0) to (4.5,4.5). Again, we use Table to create 
the numbers. We extract the y values from the list y, which 
we just created. Instead of Part, we will use the shorthand 
version, double brackets. That is, rather than writing Part 
[y, k], wewrite y[ [k] ]. Our xvalues are 


x = Table[j +y[[k]]-jy[[k]1]1/4.5, {k,1,10}, {j,0,9}] 


We have all the information we need to draw the tiles using 
the Polygon primitive. The syntax is Polygon[{ {point}, 
{point} ,...}]. The function joins the first and last points to 
close the polygon and /ills with a color or gray level, which 
you can supply as we do in the final program. The tricky bit is 
figuring out how to set the iterators so that we draw every 
other tile, leaving white between colored tiles. 

To make the writing a little shorter it is helpful to introduce 
the variablen = Mod[k+1,2]. We require two iterators, k 
for y and for the rows of x, and j for the values in the x rows. 
Our iterators will run as follows: 


{k,1,9}, {3,1,8 + Mod[k,2],2}] 


Notice that j runs in increments of 2: we’re painting every 
other tile. To see how it works, let’s look at the point for the 
lower left-hand corner of a polygon, the first point in the 
Polygon list of points: 


{x({k, j+n]], yI[k]]} 


Remember that we are using the double bracket operator 
to extract parts of lists. When k is 1, n is 0, so for j=1, we 
getx[[1,1]], yiltil. 
that the increment is 2. So the next point taken is 
x[[1,3]], yl[[1]]. That's correct: we skip x[[1,2]]. 
When k is 2, nis 1. So, the first point taken isx[[2,2]], 
y[[2]]. That’s what we want: we skip the first tile in alter- 


j then goes to 3—remember 


nating rows so that we achieve a checkerboard tiling. And so 
on. The other three points of each polygon are constructed 
in the same manner. The ceiling tiles are the same as those on 
the floor but with y values starting at 9-y and going down. 
The x values are the same. 

The generalization to a pair of rectangular boxes is 
straightforward: 


pview[1l_, h_, box_] 


Perspective Function 


pview generates a perspective gnd 
with 9 rows by 9 columns of tiles. Arguments to pview 
are the height and width of the outer rectangle, 
and the width of the inner rectangle. 


:= Module[ 


{mx, my, bx, by, 


x, Y, view, boxes, n, inc}, 


mx = 1/2; my = h/2; 

bx = mx+box/2; 

by = my - (h/1) box/2; 

ine = 1/9; 

boxes = {Line[{{0, 0}, {0, h}, 


Y 


n 


{1, h}, {1, 0}, {0, 9}}], 
Line[{{mx~-box/2, by}, {bx, by}, 
{bx, my + (h/1) box/ 2}, 
{mx - box /2, my + (h/1) box/ 2}, 
{mx -box/2, by}}], 
Table[Line[{{i, 0}, {1-ai, h}}], 
13,0, 2, 2.79} 13: 
= Table[ 
my jinc/ (jinc+ (my bx/by) -mx), 
{j, 9, 9}]; 
Table[jinc+y[[k]] (mx-jinc) /my, 
{k, 1,10}, {j, 9, 9}]; 
Mod[k+1, 2]; 


view = { Table[{ RGBColor[j/10, k/12, k/10], 


Polygon | { 

{x[[k, j+n]], y[[k]]}, 

{x[[k, 1+j+n]], y[[k]]}, 

{x[[k+#1,1+j+n]], y[[k+1]]}, 

{x[[k+1, }+n]], y[[k+1]]}}], 

RGBColor[k/10, k/12, (10-3) /10], 

Polygon |[ { 

{x[[k, j+n]], h-y[[k]]}, 

{x[[k, 1+j+n]], h-y[[k]]}, 

{x[[k+1,1+j+n]], h-y[[k+1]]}, 

{x[[k+1, j+n]], h-y[[k+1]]}}]}, 

{k, 1, 9}, (3, 1, 8 +Mod[k, 2], 2}] 

}; 

Show [ 

Graphics|[{view, boxes}], 
AspectRatio -> Automatic, 
PlotRange -> All] ] 
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FIGURE 4 


Vanishing Point Boxes 
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As you can see, we have a little gang 
of temporary variables. We use the 
Module function to encapsulate every- 
thing. The temporary variables are put in a 
list at the beginning, enclosed within braces. 
These will remain local to the function and will 
not go into the Global Rule Base. The function takes the 
width and height of the outer box and the width of the 
inner one as arguments. The inner box is centered and all 
the necessary lengths and point locations are calculated. 
Tables of x and y values are created using the two-point 
formula as we did for the square version. If we’re feeling 
complacent, we can let Mathematica do the algebra for us. 
The Solve function will return the needed solutions. As an 
example, we can write 


Solve[{y/(x-j inc) == my/(mx-j inc), y == k}, x,y] 


and Mathematica returns the formula for the x values 
shown above, arranged only slightly differently. Notice the 
syntax for writing equations: the double equals sign is used 
==). In Solve the equations are given in a list, and x,y 
means solve for x, eliminating y. 
The polygons are drawn with different colors for each tile. That's 
the RGBColor function call. Sample results are shown in Figure 4. 


Wrap-up 

As lam a mere beginner in Mathematica, you can be sure 
there are easier, more elegant ways to do any of the foregoing 
examples. But I hope you now have a feel for how the pro- 
gram works and what you can do with it. Iam sure that prac- 
tice would bring proficiency and considerable speed—you can 
perform many manipulations in a compact fashion. The power 
of transformation rules and the ability to mix symbolic and 
numeric calculation greatly enhance the program’s usefulness, 
and its flexibility encourages experimentation. It is an excellent 
educational tool for exploring the mathematical universe. 

Like all number crunching programs, Mathematica will be 
perfectly content with the fastest machine on the block and 
loads of memory. The graphics capabilities of the program 
are extensive, but a 3D graphic with lighting and colors, etc., 
requires some serious calculating, and time. Well; that is why 
they’re called computers. 

Working in the Windows 95/NT version, I have experi- 
enced the occasional glitch when printing and sometimes in 
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trying to bring up the help browser. The main bug is a loss of 
window focus when the Show Page Breaks option is on. In 
fact, having that option on makes some files lock up the pro- 
gram and, sometimes, the system. That is a known bug, and 
developers will fix it at a maintenance release. For now, the best 
idea is to leave that option off. The bug does not affect the 
HP-UX version. For a couple of caveats on the HP-UX ver- 
sion, see the sidebar. 

I enjoy working with Mathematica. It is so extensive that 
one could explore a wide range of mathematics topics and 
probably find oneself quite hooked on it. That is arguably bet- 
ter for the little gray cells than surfing the Net. The graphics 
output is especially pleasing. And don’t think the program is 
limited to pure mathematics: the huge number of built-in 
functions and standard add-ons—not to mention a growing 
number of commercially available specialized packages— 
make Mathematica a useful tool in scientific and engineer- 
ing computing. The interested reader will find Wolfram 
Research contact information in the At-a-Glance box. i 


Michael Ehrhardt is managing editor of hp-ux/usr magazine. 


At a Glance 


Mathematica Version 3.0 
Platforms: 
HP-UX, version 10.0 and higher, 
Windows NT, 
Windows 95, 
Macintosh, 
Other UNIX platforms 


Pricing: 
HP-UX $2,495, $1,995 academic 
Windows NT/95/ Mac/Linux $1,295, $895 academic 


Technical Support: 
Free tech support for first 90 days from date of purchase 
Regular Service: $195 Windows/ Mac, $375 UNIX 
Premier Service: $385 Windows/ Mac, $745 UNIX 
Contact: hitp://www.wolfram.com 
info@wolfram.com 
1-800-441-MATH (6284) 
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by Chris Cobb 


not! As you read more and more hype each 


CGI is dead ... 
day about JavaBeans and ActiveX, don’t forget that you can still 
get a surprising amount accomplished with “simple” CGI scripts. 
Okay, so this article isn’t for everybody, but, if you’re in the busi- 
ness of building Web applications, you may want to consider 
the most glaring omission in every CGI book I’ve seen to date: 
treating Web forms as single CGI scripts. Doing so eliminates the 
accompanying HTML files. Once you become used to this idea, 
I predict that you will be able to create much more complex 
forms without the accompanying design problems. 


Assumptions 

The examples in this article are presumptuous. They are 
about using Perl 5.002 or later along with a Perl library called 
CGI.pm. The scripts discussed here have been used success- 
fully on HP-UX 9.0x and 10.0x using the NCSA, Apache, and 
Netscape Enterprise Web servers. While the CG/.pm tool dis- 
cussed here will work on other platforms, such as NT and 
VMS, you won't find any mention of them (well, not after this 
paragraph anyway). However, though the examples are specific, 
the concepts presented are certainly compatible with any lan- 
guage, platform, and development environment you use. Any 
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mention of browser specifics such as menus and buttons refers 
to Netscape 3.0. 

This article also assumes that the reader is familiar with 
creating, installing, running, and debugging CGI scripts so 
no space is devoted to that. While it was tempting to include 
page after page of code listings and the resulting “screen snap- 
shots,” examples are minimal. Code appears only when nec- 
essary to help explain a point—the assumption is that the 
reader can access the Web, where full examples are available. 
If this assumption is unwarranted, feel free to contact me 
directly for copies via e-mail; otherwise, see the references at 
the end of this article for information on obtaining scripts 
that demonstrate the examples shown below. 


Overview 

This article has two parts. The main part covers the technical 
aspects of Web forms design; a secondary part discusses some 
graphic design elements. Just as desktop publishing combined 
many previously disparate and specialized fields into a single 
industry, the Web is combining DTP with programming, GUI 
design, database administration, etc. Web designers should 
have at least some understanding of all these areas. 


The techniques outlined have been used with much success 


in several enterprise-wide Web-based applications developed 
within Hewlett-Packard over the last few years. Currently thou- 
sands of people within HP worldwide use these applications 
daily and, as of this writing, they are starting to see use by 
many thousands more outside of HP. The emphasis has been 
to develop some simple, effective tools and concepts that are 
easily reusable on many Web projects. While it may sound like 
yet more hype, experience has shown just how effective this 
really is. 


Part I: Technical Design Issues 


The CGI Environment 

As you probably already know, CGI programming is kind 
of weird. Traditionally, computer programs start, open the 
necessary data files, interact with the user to modify data, close 
the files and stop. A Web-based form, however, merely dis- 
plays a form and then stops. Once the user enters data and 
clicks a “submit” button, another process starts up to handle 
the data and then stops. The trick is to maintain some sort of 
“state” across multiple instances of your program in the “state- 
less” medium of the Web. 


The Web server provides a little help maintaining state 
information across subsequent “browses” by providing 
Environment Variables that are available to your CGI scripts. 
Other ways to pass information into your applications include 
command-line parameters and HTTP “cookies,” covered in 
more detail below. 

Web servers bundle the information submitted through 
your Web forms and “encode” many of the characters before 
returning them to your script. This is a good reason to use a 
CGI “library” package that handles all of the character trans- 
formations for you. 


Using Perl Libraries 

There are several popular CGI libraries available for Perl 
programmers. The one discussed in this article is CGL.pm, cre- 
ated by Lincoln D. Stein at the Whitehead Institute Center 
for Genome Research in Cambridge, Massachusetts. It makes 
use of Perl 5’s object-oriented capabilities. This well-designed 
library simplifies the life of a Web form designer and provides 
a terrific introduction to object-oriented programming in 
Perl. Another feature of CG/.pm is that it makes it very easy 
to migrate from the cgz-lib.pl library. , 


Creating Web Forms 

You can greatly improve control over your CGI scripts by 
eliminating the .him files associated with your forms and build- 
ing them entirely through a single script. Once you dispense 
with using HTML forms that are separate from the CGI scripts 
that process the input, you will need to start designing your 
scripts with multiple modes of operation. While this may not 
sound compatible with “reducing the complexity” of your 
scripts, once you become used to this notion, you will soon 
have much greater flexibility in your Web applications. You 
could call this a rudimentary form of “event driven” pro- 
gramming because, as your forms get more elaborate, you 
will always need to anticipate which of many possible buttons 
were last used and, possibly, even where the user was prior to 
that. But let’s not jump too far ahead! 


GET vs. POST Forms 
As with any programming, the first task is to figure out how 
to get data into your script. There are three basic choices: 


m the command line 
m@ environment variables 
m reading files 


(Oh, of course you are right—there are other choices such 
as shared memory segments, semaphores, sockets and signals, 
but these exceed the scope of this article!) 

When your form is invoked through an “<a href>” URL, the 
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first time through will be an HTTP GET request. After that you 
can elect to use either the GET or POST methods. Why should 
you care? When using the GET method, form data is passed to 
your CGI script via the QUERY_STRING environment variable, 
whereas when using the POST method, form data is obtained 
by reading from STDIN. This means that using POST method 
forms allows you to have longer forms and pass much more 
data into your scripts than when you use environment variables. 
Depending on the operating system, Web server, and even the 
browser you use, the GET method can really limit your forms. 

The CGI.pm library defaults to using the POST method. 
You can certainly use GET if you choose, but when using the 
POST method you won’t have to keep checking to see if you 
have exceeded your system limits. 


Retaining State Information 

In the “stateless” medium of the Web, the next task is to 
decide how to maintain some sort of context across multiple 
Web “browses” with the CGI scripts you develop. Possibilities 
include: 


default form “action” 
form buttons as data 
self-referencing URLs 
command-line parameters 
fields and hidden fields 
environment variables 
HTTP Cookies 

data files 


Which method you choose often depends as much on per- 
sonal preference as on any technical reason. If, when read- 
ing some of the following examples, you find an affinity for a 
particular mechanism, use it! 

As you read on, keep in mind that all of the following exam- 
ples could easily be included in one single script. Remember 
that the script will perform different actions at different times 
as it runs with different data and in different modes. 


Default Form Action 

Without an accompanying HTML document containing 
the form data, it is necessary to run a CGI script directly, and 
you do this with an anchor tag just like any other URL (<a 
href=“/cgi-bin/myScript”>). When the script is invoked, it needs 
a way to determine what “state” it is in so that it can respond 
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appropriately. The first time through, all it must do is display 
your form with or without any prefilled defaults. Since the stan- 
dard output of your script is returned to the user’s browser, all 
you need to do is use Perl “print” statements to create your 
form. The trick here is to determine when the script is being 
run the “first time” and when data is being submitted via the 
user clicking a “submit” button. Just checking for the presence 
of data may not be sufficient, since it is always possible to include 
default “name=value” pairs when the script is first invoked. 


Form Buttons as Data 

One nice way to determine the current “state” is to name 
all of the “submit” fields on your form “button.” This way, 
since a submit button is just another “name=value” pair returned 
to your script, you will always know just which button was last 
used. If no “button” was clicked (i.e., there was no value for a 
variable named “button” returned), it’s fairly safe to assume that 
you can display your “default” Web form. Here is the main 
routine for the script we will use in examples throughout this 
article: 


#!/usr/local/bin/perl -T 

SBtn{‘Submit’} = “Submit Request”; 
SBtn{ ‘Help’ } = “Help With Submittal”; 
SBtn{‘ExitHelp’}= “Exit Help’; 


use CGI; 
SeditData = new CGI; 
$Button = SeditData->param( ‘button’ ) ; 


print SeditData->header; # Start HTML doc 
if ($Button eq $Btn{‘Submit’}) { 
if (&editFormData) { 
&endEmail ; 
&displayConfirmation; 
} else { 
&displaySubmitForm; 
} 
} elsif ($Button eq $Btn{‘Help’}) { 
&displayHelp; 
} else { 
# Default action: 
&displaySubmitForm; 
} 
print SeditData->end_html; # End of HTML doc 
exit (0); 


Thinking about DIT? 


Thi ink aga Bia! We know that many of you are thinking about DLT tape libraries. But 
recent advances in 8mm and 4mm technology—and tape libraries made by StraightLine— 
might make you want to think again. 


StraightLine StraightLine ADIC ATL 
Model Sl-400 Series SL-800 Series Scalar ACL 4/52 
Drive format 4mm 8mm* DLT 4000 DLT 4000 
Number of tapes in library 18 or 24 20,50, or 150  —-18 to 52 52 
Throughput up to 25.8GB/hr up to 108GB/hr = up to. 43.2GB/hr —_up to 43.2GB/hr 
Total capacity up to 586GB 200GB to 7.51B 2.081B 2.081B 
Bar code reader Yes Yes Yes Yes/6-digit 
Number of drives 1 to 3 1 to 5 2 to 4 2 to 4 
Head life (hours) >20,000 >20,000** 10,000 10,000 
Media uses (passes) 20,000 20,000 15,000 15,000 
Drive MTBF (hours) 200,000 200,000 80,000 80,000 
Tape drawer(s) Yes Yes No No 
Removable tape boxes Yes Yes No No 
List price starting at $7,995 $13,995 $17,995 $45,000 


** Exabyte Mammoth head life—20,000 hours 
Sony AIT SDX-300 head life —30,000 hours 


Led by Sony, HP, and Exabyte, tape drive 
technology has taken a giant step forward in 
reliability, performance, capacity, and price. 
Consider this: 


Reliability — Straightline has taken the 
best in drive technology and engineered 
tape libraries with mainframe-class robotics. 
Our unsurpassed accuracy—to .001 of an 
inch—means you'll get round-the-clock 
dependability. And that’s not all. 


Capacity and Throughput — The 
SL-800 series offers a range of 8mm systems 
designed to meet your current needs and 
easily expand to meet your future needs, too. 
Choose Sony or Exabyte drives, then select the 


© 1997 StroightLine. All rights reserved. Straightline is a division of 16M Communications. 
All brand and product names are property of their respective holders. 


*Exabyte’s recommended 8mm tape—Exatape 170M Advanced Metal Evaporated tape 
Sony's recommended 8mm’tape—SDX-T3N 170M Advanced Metal Evaporated tape 


number of tapes—20, 50, or 150 tape sys- 
tems—offering up to 7.5TB of data storage 
and 108GB per hour throughput. 


The SL-400 series is now available with the 
latest in 4mm technology —DDS-3. Using 
a StraightLine tape library, you’ll realize 
5866B of total capacity and a data transfer 
rate of 25.8GB per hour. Systems are 
available in 18 and 24 tape configurations. 


industry Standards — StraightLine 
libraries are compatible with all standard 
systems and software—Sun, HP-UX, SGI, 
IBM RS/6000, Sequent, NT, DEC; Novell, 
LAN Manager; Arcada, Legato, ArcServe, and 
many others. 


Better than DLT! — If you’re thinking 
about a tape library, think about this—we 
offer the best in reliability and performance 
at a very competitive price. Then call 
StraightLine—the leader in 8mm and 4mm 
tape libraries. Now that’s good thinking! 


800-458-1273 
www.igm.com 


Straightline 


677 120th Ave. NE © Bellevue, Washington 98005 
e-mail: igm@igm.com 
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The first line is standard UNIX shell scripting and defines 
the interpreter that will be used to execute the script. The 
next three lines define the “submit” buttons used in the script. 
The fifth line identifies the CGI.pm library. 

The sixth line instantiates a new CGI object that is manip- 
ulated via the $editData variable (you can use any variable 
name you like, assuming it’s valid in Perl). The “constructor” 
for the object determines whether the form method is GET or 
POST and fetches the form data from the QUERY_STRING 
environment variable or STDIN respectively. The construc- 
tor does other nice things for you. It handles any necessary 
character conversions to “decode” the form data (converting 
“+” to space, etc.), and converts all of the “name=value” pairs 
into an associative array using “name” as a key for the “value.” 
The seventh code line in the example checks for a “button” 
value. This will be a “null string” unless one of the “submit” but- 
tons on the form has been clicked (more on this below). 

The rest of the example determines which action to take 
during this invocation. Ifa field named “button” has the value 
“Submit Your Entry” and the GediikormData() call is success- 
ful, the script will process the data. In this case it formats and 
sends an e-mail message and then displays a successful result 
to the user, but you could just as easily save the data in a file 
or update a database. 

If the @editlkormData() call is not successful, the script will 
just fall back to the routine that displays the Web form to the 
user. And here is one of the best reasons to keep everything 
in a single script: when any edit fails, all the edit routine needs 
to do is print some error messages. These will then show up 
at the top of the form when it is redisplayed, and you will 
never again have to give instructions like “Field name is miss- 
ing; press your browser’s [Back] button and try again.” When 
the form is repainted, the CG/.pm library retains any of the 
fields the user filled in and they will be redisplayed in the 
form. 

If the form’s “Help” button was used, the script can display 
the necessary help text to the user. If no “button” value was 
passed to the script, program logic falls through to the last “else” 
and the default “empty” Web form is presented to the user. 


When you create your Web forms using a CGI script, you 
have control over how the form and any hyperlinks therein are 
created. One way to retain state within your application is to 
create recursive links that contain extra parameters. For exam- 
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ple, suppose you have a submit form that creates a data file 
each time it is used. One function of your form could be to list 
some or all of the existing submittals on a page. You could 
add a link on each of the “open” requests allowing easy access 
to the data. Each line on the Web page could be created using 
something like the following: 


SmySelf = SENV{‘SCRIPT_NAME’}; 


= &fetchOpenReqNumbers ; 
foreach $num (@openReqs) { 


@openReqs 


print “<br> <a href=\"$mySelf?edit+Snum\”> 
Edit req Snum</a> 
\n”; # end of print 


The question mark separates the name of the script from 
the command-line parameters, and the plus sign 
separates subsequent parameters. This means that your 
form will need a mode that understands what to do with 
these command-line parameters, but it can simply be in 
another subroutine that reads the specified data file and 
prefills all of the fields in your form. (You already have a 
subroutine to display your form, n ‘est-ce pas?) At this point 
you Can use your existing form to submit changes to the 
existing data. 

The thing to remember is that your script will perform 
only one of its possible functions each time it is invoked. Once 
you are used to thinking about a single script as several sepa- 
rate operations, it becomes easier to envision how the sub- 
routines can “overlap” a little. They can perform slightly 
differently depending on what you want to accomplish during 
each particular instance. 


Command-line Parameters 

When you pass command-line parms into your script as 
shown above, you need a way to figure out what they are. They 
are passed to your script just as you would normally expect in 
SARGV[0], $ARGV[1], etc. What could be simpler? The trick is to 
remember what parameters you expect to see during the vari- 
ous instances of (or passes through) your script. One time your 
script builds a page with links like the ones above; the next time, 
when a link like this is used, your script responds accordingly. 
Note that the only time variables are available in @aRcv is when 
you use the “?arg+arg” syntax shown above. This will not be true 
when using the “G’name=value” syntax shown below. 


Prefilling Form Fields 

Another handy thing that you can do is to prefill fields with 
data by passing “name=value” pairs through a URL. If you have 
a form with two fields named “Field1” and “Field2” and you 
invoke your script through a URL like this: 


myServer/cgi-bin/myScript ?Field1=FO0&Field2=LIKE+MAGIC 


when the form is displayed, Field] will contain “FOO” and 
Field2 will contain “LIKE MAGIC.” The form is initially 
loaded with an HTTP GET request and, therefore, the 
parameters are available in the QUERY_STRING variable 
and CG/.pm interprets them correctly. In this case, the 
values will not appear in your script’s command-line 
argument list. 

You could also pass an initial “button” value into your form. 
Referring to the “main routine” example (see Form Buttons 
as Data) above, you could build a URL directly to the form’s 
help text using: 


<a href="/cgi-bin/myScript ?button=Help+with+Submittal”> 
Show myForm’s help page</a> 


Fields and Hidden Fields 

Of course, a Web form’s raison détre is to collect input 
through the fields included on the form. A useful way to pass 
information between forms is through “hidden” fields. These 
can be thought of as a way to “cache” data in a form without 
it being easily changed by the user. The field data will be in the 
form, but no data entry field will be created. These are not 
truly hidden from the user, nor are their data secure from 
being changed by the user; however, they can be very conve- 
nient. For example, if a user starts filling out a form and then 
clicks the “Help” button, the script can build a form full of 
hidden fields on the Help page to retain the user’s entries 
thus far. Then, when clicking an “Exit Help” button, the user’s 
data is filled back into the original form. A quick way to do 
this using the CG/.pm method is the following example of the 
SdisplayHelp() sabroutine. Assuming that our help page will 
be fairly long, let’s put an “Exit Help” button at both the top 
and bottom of the page. 


sub displayHelp { 
print “ [ ... some heading stuff ... ] °; 


print SeditData->startform; 


print SeditData->submit ( ‘button’, $Btn{‘ExitHelp’}); 
print “ 


[ .. help text here ... ] 


\n"; 

print SeditData->submit (‘button’,$Btn{‘ExitHelp’}); 
# 

# Now cache the user’s data: 

# 


foreach Shield (SeditData->param) { 
print SeditData->hidden(-name=>$field), “\n” 
if Sfield ne “button’; 
} 
print SeditData->endform; 


return (1) ; 


You could also specify a different target window for your 
help page. This would make saving the fields unnecessary, but 
there may be times when you will need to save the data. To 
put your help page into a new window, change the “header” 
method to include the target window. 


print SeditData->header (-target=>‘HelpWindow’ ) ; 


Another advantage of using a separate window for help: if 
you have several different places where the user can click the 
“Help” button, you don’t have to figure out where the user 
was prior to clicking help (when clicking the “Exit Help” but- 
ton, for example). If you use a separate window, be sure to 
remove any other navigation buttons from the help form so 
your users won’t try to continue on within the Help window 
unless that is really what you want them to do. 


Environment Variables 
There are several handy shell environment variables created 

by the Web server, including: 

gw PATH_INFO “extra” path information (not 

secure) 

mw SCRIPT_NAME name of the running script 

(secure) 

gw REMOTE_USER 


= REMOTE_HOST 


user ID when authentication is used 
may be a Web “proxy” server 
though 


mw HITTP_REFERER may or may not be available 
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gw HTTP_USER_AGENT _ reports the type of browser the user 
is running 
ge HTTP COOKE See “HTTP Cookies” below 
Some of these can be considered secure and some of them 
cannot. PATH_INFO is one you cannot trust. If you add extra 
directory paths at the end of a CGI script, the extra part is 
stored here. Say you run a script named /cgi-bin/myScript using 
the URL /cgi-bin/myScript/extra/path/info. The Web server will 
search your CGI directory until it finds an executable and, in 
this case, put /extra/path/info into the PATH_INFO variable. 
Never trust anything that users can send into your scripts. 
The SCRIPT_NAME variable, however, can be considered 
secure information. The Web server will set this to the name of 
the script it invoked (relative to the Web Server’s root directory). 
To continue the above example, it would contain /qg-bin/myScript. 
HTTP_REFERER is another interesting variable; however, it 
may or may not be available. If your script was invoked from 
an “<a href>“ anchor, this will contain that link. If your script was 
“opened” directly by typing it into the browser’s location box, 
or opened from a user’s bookmark, this variable will not exist. 
Other variables may be available, depending on which server 
you are using. Some servers include all of the variables cur- 
rently set by the user that starts the Web server running. Others, 
like Netscape’s, do not, although you can add any by modifying 
the Netscape server’s obj.conf file (and add variables such as 
HOME, PATH, etc.). See your server’s documentation for details. 
If you are not sure which variables are available or what 
their contents look like, build a little CGI script to dump them 
all out. 


#! /usr/local/bin/perl 
print “Content-type: text/html\n\n’; 
foreach Skey (sort %ENV) { 

print “Skey = SENV{Skey} <br> \n’; 


Remember that this will just show the environment as seen 
using the GET method. Several demo scripts accompany this 
article, and one called getenv allows you to display variables 
using either the GET or POST methods. See References below 
for details. 


HTTP Cookies 
Using HTTP “cookies” is a very cool way to cache data in the 
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user’s browser. Briefly, by adding some extra HTTP header 
information prior to starting an HTML document, you can 
pass data to the browser and then, during subsequent browses, 
request the information back. More recent versions of CGLpm 
provide support for cookies and make them a snap. When 
you start your documents using the “header” method, just 
add the following: 


print SeditData->header (-cookie=>&cookieMonster) ; 


Then, build a &cookieMonster() subroutine that will either store 
or fetch a cookie depending on which action is appropriate at 
the time. In this example, when the form’s “submit” button is 
clicked, the values of two form fields will be stored in a cook- 
ie and, when someone using the same computer and login 
accesses this form again, these two fields will be prefilled using 
the values previously entered. 


ScookieName="“myCookie” ; 
# Always look for an existing cookie first 


scookie = SeditData->cookie ($cookieName) ; 


# We are storing field data, so pick which fields 
@cookieFields = qw(SubmitterName SubmitterEmail) ; 
if (S$Button eq $Btn{‘Submit’}) { 

# STORE submitter’s info when they click Submit 


foreach $field (@cookieFields) { 
Scookie{$field}= SeditData->param ($field) ; 
} 
} elsif ( ! $Button) { 
# FETCH previous cookie when starting a new form 


# and prefill the corresponding form fields 


foreach $field (@cookieFields) { 
SeditData->param(S$field, Scookie{S$field}) ; 


} 
# Now, bake a cookie that will stay on 


# the user’s machine for up to one year 


$Scookie = SeditData->cookie (-name=>$cookieName, 
-value=>\%cookie, 
-expires=>‘+ly’); 


return (Scookie) ; 


Each cookie you bake needs a name and this, combined 
with the machine and/or path on which it was created, unique- 
ly identifies the cookie while it is stored on the user’s comput- 
er. This means, of course, that the user must access your form 
from the same computer used the first time. There are limits on 
how many cookies you can create on one server and how much 
data each one can contain. A reference to more cookie dough 
(oops, make that cookie info) appears at the end of this article. 
Don't assume that your cookies will be there when you ask. 
There has been some negative press about the privacy issues 
surrounding cookies lately, and it is possible for users to con- 
figure their browser to deny acceptance of your cookies. 


Data Files 

The CGL.pm library provides an easy way to save the state of 
a form. The save method will even let you append data to an 
existing form file. This is one way to pass large amounts of 
data between multiple forms and it works well when com- 
bined with an HTTP cookie to keep track of a “user” or 
“session” ID tag. 


open(DATA, “>/some/file”) ; 
SeditData->save (DATA) ; 
close (DATA) ; 


open(IN, “/some/file”) ; 
SeditData = new CGI(IN); 
close (IN) ; 


Of course, you can also access your own data files or a data- 
base from within your scripts if you’d rather not let CGL.pm do 
allyour work for you. 


Using Multiple Forms 

(More than one logical form on one page.) 

It is possible and often desirable to display multiple forms 
on one Web page. Just be aware that when a button is clicked, 
only the fields in that particular form (between the <form> 
... </form> tags) will be returned to your script. 

Formatting a page with multiple forms was difficult before 
tables came along, but now you have more control over the lay- 
out by simply putting a form in a table cell. You can have mul- 
tiple buttons that each have a different “action” and still put 
them close together. Even if you have different subroutines 
that build each logical form on a single page, they can each 


use the $var = new CGI construct without problems. The CGLpm 
library is designed to do the right thing. 

An interesting use of this is a “fall through” selection form. 
Let’s say that you have a Web application consisting of sever- 
al different forms to store and display data based on some 
common selection criteria entered by the user. You could use 
a common subroutine to create the selection window(s) as 
one logical form at the top of each page, and each of the dif- 
ferent form scripts could call the common routine to display 
the selection window above its respective “bottom” parts. 

Take a look at Figure 1. The popup fields labelled “Select:” 
are in a separate form created by the select routine, and the 
bottom two “Edit Windows” are created by a second routine. 
Selections made in the top form will change the information 
displayed in the bottom form. The “Select” form also uses 
HTTP cookies and, when previous selections have been made, 
will simply return those selections. All other forms in this appli- 
cation that use the same selection routine act in the same 
manner, enabling users to navigate through their data without 
having to reselect anything until they are ready to do so. When 
they do, the select form saves the new values in the cookie. 

When the selection form is called without any previous 
selections, it will wait until selections have been made. Once 
the “Enter Selections” button is clicked, the selection form 
will simply “fall through” and the bottom part will also then be 
displayed. This selection form is smart enough to wait when 
only one of the two possible fields has been entered (from a 
previous selection when only one of the choices was avail- 
able). It will also wait for a new selection when one of the pre- 
viously valid choices has been removed from the system since 
the form was last accessed. The bottom part of Figure I has 
two logical forms—each button passes command-line parms 
back to the script through its unique “action” attribute. 


Multipart Forms 

(Forms that contain multiple items.) 

A terrific recent addition to CGI.pm is support for forms 
created using “<multipart/form-data>* encoding. This allows 
you to use the “file upload” feature available in Netscape 2.0, 
and easily handles the necessary decoding that would be rather 
painful without a handy utility library. 


print SeditData->start_multipart_form; 


print “<h2>Enter your name and a file to send</h2> \n’; 
print SeditdData->textfield(-name=>SubmitterName, 
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-size=>40, -maxlength=>55),”\n"; 


print SeditData->filefield(-name=>FileName, 


-size=>40, -maxlength=>60) ; 


print $editData->submit ( ‘button’, $Btn{'SendFile’}); 
print SeditData->endform; 


The result of a “filefield” is a field in your form that looks 
like a “textfield” with a [Browse...] button immediately fol- 
lowing the field. Clicking the button allows the user to browse 
files on the local computer and select one to upload to the 
Web server. When the user clicks a submit button, the con- 
tents of the file are transferred to the server along with data 
from other fields included in the form. The CGLpm library 
separates the multiple parts of the form: all other form data 
is available as usual using the “param” method and, in addi- 
tion, a temporary file is created. The temporary file will last only 
while your script is running, as CG/.pmwill delete it just prior 
to exiting. If you want to keep it, you will have to copy it some- 
where else. For example, part of your script’s edit routine 
might include the following. 


if (SButton*eq SBtn{‘SendFile’}) { 
SfileName = SeditData->param('‘FileName’) ; 
StmpFile = SeditData->tmpFileName ($fileName) ; 
(@stat) = stat(S$tmpFile); 
if ($stat[7] > 4096000) { 
&errorMsg (“<b>SfileName</b> is too big (over 4MB)”); 
} else { 
&copyUploadedFile (StmpFile) ; 


The $fileName is the name of the file that the user entered 
into the form, and the $impFile is the name of the temporary 
file created by the CG/.pm routines. 

Of course, you don’t have to put limits on how big a file 
your users can send to you, but if you don’t, make sure you have 
enough disk space on your Web server to hold whatever people 
send. Note that if you do not use the “start_multipart_form” 
method, the file name will still be returned to your script but 
the contents will not have been uploaded to your server. This 
can actually be a good side effect. Using a “filefield” in a form 
created with the “$editData->startform” method is nice if the 
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user will just be identifying files that already exist on the Web 
server. In order to point to them as “local” files the user would 
need to be running the browser on the Web server (or need 
to have access to the files via an NFS mount or a network 
“share” drive) but, if this is the case, you can avoid uploading 
files when they’re already there. 


Multipage Forms 

(Forms presented on more than one “page.”) 

One of the nicest things about Web forms is that HTML auto- 
matically builds scroll bars, allowing you to concentrate on con- 
tent instead of the implementation. You can now build longer 
forms than you ever thought possible; however, there will be 
times when you need to break up the form into multiple “pages.” 

As you add more complexity to a form, the number of 
possible fields may get too cumbersome to handle all on one 
“page.” Collecting some data on a first page and then build- 
ing a second page based on the first can make a form more 
usable. It is possible to build a form so complex that a brows- 
er simply cannot display it entirely or, if it does display, 
scrolling and data entry can be so slow that the form is unus- 
able. When this happens, you may need to use “hidden” 
fields and/or data files to pass information on to another 
form in your application. 


Multimode Forms 

(Forms that perform more than one function.) 

Now that you are using a CGI script to create your Web 
form, you can build variations of the form at different times 
depending on who is running the script. For example, let’s say 
that you have a form to submit a request, and the request must 
be approved by an administrator, editor, or someone in charge 
of authorizing the request. You could build an entirely separate 
version of your form, or you could add an “admin” mode to the 
script you already have. The trick here is to differentiate when 
the script is run by one of the application administrators and 
when it is run by someone submitting a request. 

One way to accomplish this is to create an “adm” subdi- 
rectory underneath your application’s CGI directory and add 
Web security to the scripts in this subdirectory. In the subdi- 
rectory simply create symbolic links to the actual scripts and, 
when they are run from this subdirectory, the user will be 
prompted for a user ID and a password. To make this work, 
your Web server must be configured to follow symbolic links. 
For example: 


User access: <a href="/cgi-bin/myApp/myScript’”> 


Admin access: <a href=“/cgi-bin/myApp/adm/myScript”> 
The above example assumes the following symbolic link exists. 


cgi-bin/myapp/adm/myScript -> ../myScript 

The previous example also assumes the subdirectory cgi- 
bin/myApp/adm has basic Web authentication in place (con- 
sisting of an .htaccass or an .nsaccess file). 

You can then check for a REMOTE_USER environment 
variable, or you can check for the string /adm/ in the 
SCRIPT_NAME variable. Once your script determines that it 
is in “admin” mode, you can then alter your form according- 
ly. For example, you can add “approve” and “deny” buttons, 
add a text field for “admin comments,” etc. You could even 
change the default “screen” for admin users to be a list of all 
currently outstanding requests where each entry in the list 
was a recursive “<a href=>” link to your same script. Of course, 
this means that you need to add an “edit” mode that can han- 
dle this type of access. However, your script is building the list 
and you have complete control over how you choose to build 
the links and act on them. 


Secure Scripts 

The above method is a simple way to provide an “admin” 
login; however, you may want everyone using your particular 
application to log in using a Web password so you can always 
tell who is doing what with your forms. In this case you may 
want to consider adding user “classes” to your application. 
This can be done quite easily right on top of the existing Web 
security mechanism simply by rethinking how you use the 
Web authentication “group” file. 

Don’t forget that using your Web server’s “basic” security is 
Just that—basic. You should not assume that your application 
is protected just because you have added Web security. Within 
Hewlett-Packard, for example, company confidential infor- 
mation can be placed on the intranet (internal network) with 
basic Web security; however, this author would not choose to 
put that same information on the open Internet without using 
a better security scheme, such as SSL. 


Building on Basic Web Security 
If you place basic Web security on your CGI directory or 
the CGI subdirectory where your application’s scripts are 


located, everyone who accesses your scripts will be prompted 
for a user ID and password. After this, you can determine who 
is running the script via the REMOTE_USER variable. It is 
also possible, as part of basic security, to create a “group” access 
file and require that people be a member of some group to 
access your application. However, the group information is 
not then available to your scripts. As an alternative, simply 
restrict access to a “valid user” and allow anyone with a current 
user ID and password access. Do still maintain a “group” file 
though, and add users to one or more groups as appropri- 
ate. It is very easy then to parse your group file and build a 
list of those groups of which the current user is a member. 

At this point you can build user “classes” into your Web 
scripts. One way, for example, would be to define three classes: 
“admin,” “user,” and “guest.” If the user is a member of the 
“guest” group, then he has only guest access; if a member of 
the “admin” group, he has admin access. If neither of these 
applies, then he is considered a “vanilla” user. 

Remember that your script will need to parse for group 
access each time a button is clicked. An alternative here is to 
cache the group list in a cookie that lasts only until the user 
exits the browser program. This is not completely safe, as 
sophisticated users could spoof your application by sending 
their own cookie strings to your scripts. If you do use this 
method, be sure that the cookie is not retained on the client 
machine. Omit the “expiry” date on a cookie, and it will exist 
only until the user exits the browser. You don’t want to make 
it foo easy for your users to modify their own access capabilities. 

You could further subdivide the user classes: 


m user ID “admin” in group “admin” has greater privilege 
than other users in group “admin” 

m user ID “guest” in group “guest” has less privilege than 
other users in group “guest” 

m create “group” administrators using user ID “fooadmin” 
in group “foo” (or in group “admin”), or create a group 
named “admin-foo” into which you add users who will have 
admin access within group “foo” 


The possibilities are limited only by your imagination, the 
time you have to spend, and the requirements of your par- 
ticular application. After this, however, it will be up to your 
scripts to determine if someone has access to a given part of 
your application, and how your scripts will react when unau- 
thorized access is requested. 
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help eliminate their confusion and frus- 
tration. The selection form at the top of 


Figure 1, for example, will only contain 
two popup menus when the user has 
been added to more than one “group” 
(in this case, Glance and at least one 
other). Otherwise, the user would only 
see the “Release” popup menu (in this 
case, Dart28, etc.). In the bottom sec- 
tion of igure I, the “edit window” is 
closed and non-admin users would not 
have an “Edit” button to click. The user 
in this example is an administrator, so 
they can edit the data. 


Adding a Registration Form 

One nice thing to do at this point is 
modify your Web server’s configuration to alter how “401” 
errors are handled. The details vary depending on your serv- 
er. For NCSA’s httpd you can add an “ErrorDocument” direc- 
tive into the sym.conf file. For Netscape’s products, you can 
either use their handy admin forms to enable this or you can 
add an “Error reason=” entry directly into the obj. conf file 
(refer to your Web server’s documentation for specifics). 

Then, when access is denied, the server runs a script of your 
design to display an alternate error message, and the script can 
provide a link to a registration form allowing users to request 
access to the private parts of your applications. Since doing this 
changes the action of all “401” errors on your Web site, you 
may want to make this script smart enough to know when it 
should display a link to the registration form and when it should 
simply display a default error message. Examine the HTTP_REF- 
ERER and/or PATH_INFO environment variables and pro- 
ceed based on where the “401” error occurred. Unfortunately, 
depending on which Web server you are running, you may 
need to use other variables to get this information. 

You then have the best of both worlds: any 401 errors gener- 
ated by your Web server will be handled automatically, and your 
scripts can call your error handler when appropriate. The fol- 
lowing example assumes that your error handler script is named 
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“accessDenied,” and your application script has determined the 
user does not have access to the requested information. 


print “Location: /cgi-bin/accessDenied\n\n’; 


Be sure that you have not printed anything else to STD- 
OUT and that you do include the two carriage returns, as 
this is what separates the HTTP “header” information from 
the rest of an HTML document. Exit your script soon after 
this, as nothing else you print will make it to the user’s 
browser. 

One special note: the “Location:” header has officially been 
replaced by the “Uri:” header. A nice thing about the 
“Location” header is that using a relative URL does not change 
what the user sees in the browser’s location box, while using 
a complete URL will change the location shown in the brows- 
er. In the above example, the user will never know that the 
“accessDenied” script was run. Using CGI.pm’s redirect method 
will print both the unofficial “Location” header and the offi- 
cial “URI” header; however, it expects a completely qualified 
URL. This may not be what you want to do. 


print S$editData->redirect ( ‘http: //myserver/cgi-bin/accessDenied’ ) ; 


Either of these last two examples will immediately direct 
the user’s browser to whatever URL you specify. What does 
the “accessDenied” script look like? Let’s assume that your 
admin scripts are located in the cgr-bin/adm subdirectory and 
are protected with basic Web authentication. All you need is 
the following. 


#! /usr/local/bin/perl 
print “Content-type: text/html\n\n’; 
print “<HTML><HEAD><TITLE>Unauthorized</TITLE></HEAD>\n” ; 
if (SENV{‘PATH_INFO’} =~ m#*/cgi-bin/adm/#) { 
print “ 


<BODY><H2>Access Denied</H2> 


Authorization is required to access this application. 
<H2>Registration is Available</H2> 
If you would like, you can 
<a href=\"/cgi-bin/newUser\">register for access</a> 
to the Administrative Forms 
\n"; 
} else { 
## Default Netscape Server Unauthorized response: 
print “ 
<BODY><H1>Unauthorized</H1> 
Proper authorization is required for this area. Either 
your browser does not perform authorization, or your 
authorization has failed. 
\n"; 
} 
print “</BODY></HTML>\n” ; 
exit(0); 


Remember that the “PATH_INFO’” variable is not secure. 
So, why do we use it here? Different Web servers handle error 
redirection differently. The Netscape Enterprise Server sets 
this variable instead of the “SCRIPT-NAME” when it runs your 
custom error handler script. The NCSA Web server uses the 
“REDIRECT_REQUEST” and “REDIRECT_URL” variables. 
You will probably have to add “print” statements to display 
the available variables until your script is working just right. See 
the example above in the section on “Environment Variables” 
for one way to do this. 

How you choose to design the “newUser” registra- 
tion script/form is entirely up to you. Just be sure it is 
not in a protected subdirectory or no one will be able 
to register. 


Template Forms 

(Forms that can be prefilled and saved on a local com- 
puter.) 

As more and more processes migrate to the Web, there are 
times when it would be nice to allow your submitters the abil- 
ity to prefill a form and save it to their local disk drive as a 
“template.” The user can use the “File” and “Save as...” menus 
on the browser to save a copy of the form locally, and then 
later use the browser’s “File” and “Load file...” menus to recall 
the template. This is easily accomplished, but there are four 
things necessary to ensure success. 

First, be sure to use a complete URL in the form’s “action” 
tag, including the machine name and port number (if other 
than 80). Otherwise, when the user recalls the template, the 
browser will be unable to submit the form back to the Web 
server. (You could also choose to add a “<base>” tag to your 
form to resolve any relative links, and CGI.pm’s “start_html” 
method supports a “base” parameter.) 

Second, the file that is saved to the user’s local disk will not 
contain any of the user’s input unless a “submit” button was 
clicked to alter the form prior to being saved. In other words, 
entering data, selecting from popup menus, etc., does not 
change the form’s “source.” You can verify this by filling out 
the form and then clicking the “View” and “Document source” 
menus. To make this work, add a “Make Template” button to 
your form that will simply redisplay the form with the user’s 
input. As this does change the form’s “source,” the changes will 
be included when the user saves the file. In addition, you can 
choose to skip any or all of the form’s normal edits, and empty 
out any date fields that should not be saved. 

Third, if you have icons or other graphics on your form, be 
sure to fully qualify the URLs to the images or they will appear 
as broken graphics when the user reloads a saved template 
from the local disk. Adding a “<base>” tag to your form, as 
mentioned above, will also solve the problem of images with 
relative links appearing broken later on. 

Fourth, add a version number in a hidden field. If it 
becomes necessary to modify the form in such a way that pre- 
viously saved templates are rendered unusable, you can noti- 
fy the users when they attempt to submit an out-of-date form. 
This is not foolproof since, of course, the users could simply 
edit their template file and modify the version saved in their 
template, but it should usually be sufficient. 

At this point, since you are recreating the form, you could add 
special instructions to the top of the template with reminders 
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on usage. These will still be at the top of the form when it is 
loaded from disk, so any instructions must make sense both 
when saving the template and when retrieving it later. 

You may want to determine how many people submit via 
saved templates. When they first click a “submit” button, the 
HTTP_REFERER environment variable will contain “file:” as 
the protocol part of the URL. This will only be true the first 
time. If edits fail, for example, or a “help” button is clicked 
first, any subsequent submittals will no longer be from their 
file but from your Web server. You will have only one chance 
to determine if a template was used, so grab this information 
and tuck it away in a hidden field. 


Potential Technical Problems 

The biggest problem with CGI is security. It opens a little 
window into your system that is only as secure or insecure as 
you make it. First off, be sure to run your Web server by some 
user other than “root” or, if you must do this, use a server that 
can run your scripts as a non-root user. This way, if anyone is 
able to compromise your scripts, they won’t have “super user” 
access to your computer. 

Next, learn as much as you can about your Web server’s 
security configuration files. You should not configure the fol- 


lowing settirigs without good reason: 


m allowing “server-side includes,” (AKA: “parsed” HTML), 
especially with “CGI execs” 

m enabling “.cgi” as a “mime” type, allowing anyone to puta 
CGI script anywhere 

m allowing anyone to override your server’s configurations 
in their local directories 

m giving everyone “write” permission to your CGI directory 


Keep all of your CGI programs in one directory tree under- 
neath your server’s “root” directory, and make sure anyone 
who puts scripts on your server understands the risks. The 
simpler the setup, the easier it is to keep secure. 


Never Trust Input Data 

Once again, never ever trust form data in your CGI scripts. 
It is far too easy for anyone to submit bogus data through your 
form even if you use “hidden” form fields. Perl has a com- 
mand line option to help you protect yourself from trouble. 
Get familiar with using the “T” option on your scripts. This tells 
Perl to flag any variables with user data as tainted. Perl will 
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then prevent you from using these variables in insecure ways 
(file opens, system calls, etc.). You must use Perl’s match func- 
tions to “untaint” the variables and, while this still is not com- 
pletely secure, it forces you to think about potential problems 
in advance. 


Design Around Missing Utilities 

If your script moves from one system to another, any exter- 
nal programs you run may not exist. Even OS utilities may not 
be there—sendmail moves when you move from HP-UX 9.x to 
10.x. Be sure to verify that you can run external programs. 


if (-x “/usr/lib/sendmail”) { 
Smailer = “/usr/lib/sendmail”; # 9.x 
} elsif (-x /usr/sbin/sendmail) { 
Smailer = “/usr/sbin/sendmail”; # 10.x 
} else { 


&systemErrorMsg(“Can’t run sendmail”); 


What happens in our “main routine” example if the 
sendEmail() routine fails even with the error checking shown 
here? There may not be enough process space left to run 
another program, and other problems can occur. Just create 
a slightly different version of your data error routine for system 
errors. Have it display an appropriate message and abort your 
script. Assuming the problem is not with sendmail, the error 
routine could even send you e-mail about the problem. 


Part Il: Graphic Design Issues 


Form Layout 

Creating Web forms is really Graphic User Interface design 
in disguise. It is appropriate to spend a considerable amount 
of time ensuring a consistent look and feel across all of the 
Web forms in one, some, or all of your applications. One lay- 
out that is particularly flexible to use is a four-column grid. 
Submitter Name [ ] Submitter E-mail [ ] 

This works exceptionally well when combined with a two- 
table layout. Use one “outer” HTML table simply to create a 
border of one or two pixels around your whole form. Create 


a second “inner” HTML table to do all of the column for- 
matting from the top to the bottom of your form. Specify a 


border of “O” for your inner table and, when you want to cre- 
ate visual groupings within your form, use a hairline rule that 
spans the four columns. 


prin “ 
<table border=2 width=100%> 
<tr><td> 


<table border=0 width=100%> 
<tr> 
<td align=right> Submitter Name </td> 
<td align=left>", 
SeditData->textfield (-name=>"SubmitterName” , 
-size=>20, -maxlength=>35) ,” 
</td> 


<td align=right> Submitter E-mail </td> 
<td align=left>", 
SeditData->popup_menu (-name=>"“SubmitterEmail”, 
-size=>20, -maxlength=>45),” 


<tr> <td colspan=4> <hr> </td> </tr> 
[ ... rest of form here ... ] 
</table> 


</td></tr> 
</table> 


\n”; # end of print statement 


If you start with this layout, all of the fields will be nicely 
aligned. You can use the “colspan” and/or “rowspan” attrib- 
utes to combine multiple columns and/or rows to obtain pre- 
cisely the desired effect. Think of this as similar to a layout 
“grid” used in desktop publishing. It has many of the same 
advantages. Not all of your forms will work in this format, but 
you may find that many work nicely. 


Create Meaningful Error Messages 

A good thing to do for your users is create clear errors, and 
a good way to do this starts with using meaningful field names 
in your form. Instead of using “Field1” and “Field2” or even 
“Name” and “Email” consider using the same wording for 


field names that you use to label the fields on your form. (See 
the example just above in “Form Layout.”) This way, not only 
will your scripts be easier to maintain, but you are setting your- 
self up for easy error handling. 

Remember the very first example in this article where the 
overall program flow was outlined? (See “Using Form Buttons 
as Data” above.) When the “Submit Your Entry” button is 
clicked, the edits we want might look something like this. 


sub editFormData { 
$Ok = 1; $NotOk = 0; 
@requiredFields = qw( SubmitterName SubmitterFmail ); 


SerrorFields = $separator = “"; 
SerrorNums=0; 


foreach Shield (@requiredFields) { 
if (! SeditData->param(Sfield)) { 
SerrorFields .= Sseparator . Sfield; 
SerrorNums++; 


Sseparator =“, “; 


} 
if (SerrorFields) { 
&errorMsg (“The required field(s) are empty: 


<b>SerrorFields</b>") ; 
} 
# 
# Other edits go here... 
# 


if (SerrorHeadingsPrinted) { 
&errorMsg (“EOD”) ; 
SeditErrorsOccured="True” ; 
return ($NotOk) ; 

} 

return (SOk) ; 


The “@requiredFields” variable is used for two reasons. 
First, since the field names and their values are stored by 
CGI_pm in an associative array, they are in no particular order. 
This way, when any required fields are empty, the error mes- 
sage will display the list of missing fields in the same order as 
they appear on the form (assuming that you are careful when 
you build this list). Second, you may want to have a different 
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list of required fields, depending on what button was clicked 
or what action you are preparing to take next. In this case, it 
is easy to add a test and build the list as necessary. 

What does the errorMsg() routine look like? Grab the exam- 
ple scripts available on the Web (see the URL in the byline at 
the bottom of this article). Briefly, it prints a heading and the 
error message the first time through and, on each subsequent 
call, just prints the error message. After all your edits have 
been performed, check to see if any errors have occurred. If 
so, call the routine one last time with “EOD” so it will finish up 
the error heading block. Just add an “<hr size=4 noshade>” tag 
to make the errors more obvious and a bit of generic wording 
to “make changes and click [Submit] again”. See Figure 2. 

To make the error messages even more obvious, you can 
choose to omit the form’s regular heading as shown in Figure 
2. This works very well. When the main routine determines 
that edit errors occurred, it simply falls back through and dis- 
plays the form again. All the errors will appear at the top, and 
the CGI.pm library retains any of the fields that were previ- 
ously entered. Once the necessary fields are entered and all 
edits pass, the script continues to process the request and dis- 
play the confirmation page. 


Counters 

Our development team won’t use access counters in any 
of our applications—they are mostly irrelevant, usually mis- 
leading, and require far too much overhead to create and 
download. We prefer to generate meaningful Web statistics 
reports and make them available to those who are interested 
in the information. 


Potential Design Problems 

You don’t have to become a graphic designer to build good- 
looking, usable Web forms, but gaining a basic understanding 
of graphic and user interface design issues will certainly help. 
If people find your forms difficult to understand, they will 
tend to avoid your Web site altogether. 


Design for Forward Motion 

Relying on a browser’s “Back” button is a good way to con- 
fuse your users. Designing your forms with an obvious button 
or link to the next logical step will help prevent people from 
going back to forms with stale data. If they have just submitted 
a “delete” transaction through your form and then click the 
“Back” button, they may not realize the deletion was success- 
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FIGURE 2 


Due to the following error(s) we can't complete your request! 


Error: 
The required fields are empty: 
SubmitterName, PhoneNumber, BillingCode 


Please make the necessary changes below and click the Submit button again. 


Instructions: c omplete the following information and, when you are done, click the 


| [Submit Request] button here or at the bottom of the form. 


Submitter Information 
oo A 
Phone [t~—~—i*@YS; Billing 
Number Code | 


Request Information Please enter a detailed description of your request. Include what 
you want, how soon you want it, and how you would like it delivered. 


Tech support told me I needed new dilythium crystals to improve Ra 
my PC's performance. Now I have the crystals, but I can't figure 2 


References 

The Web, of course. Complete examples of these 
concepts are available from the URL in the byline. 
Documentation for the CGL.pm library, including instal- 
lation instructions, is available from Lincoln Stein, direc- 
tor of informatics, Whitehead Institute Center for Genome 
Research at the Whitehead Institute for Biomedical 
Research. For instructions, see “http://wwwgenome.wi. 
mit.edu/ftp/pub/software/WWW/cgi_docs. html’. 

Dr. Stein also includes good example scripts with his 
libraries, and he has other Perl tools available too. 

For further information on HTTP cookies, visit 
Netscape at “hitp://home.netscape.com/newsref/std/ 
cookie_spec.himl. 

You should also check out CPAN, the Comprehensive 
Perl Archive, where you may find just the tool you’ve 


been looking for (or you may have a cool routine to con- 


tribute). To find the mirror site closest to you, use your 
favorite search engine and look up “CPAN.” 


ful and attempt to submit the same 
transaction once again. This will prob- 
ably result in an error, assuming the orig- 
inal deletion was successful, and further 
confuse the situation. 


Design Around Missing Graphics 

Just as with the external programs 
your script runs, do not assume that 
your logos and other graphics will be 
available. Those broken icons are so 


annoying, and they can be avoided Ra Confluent. 
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$docRoot="/some/path/to/htdocs” ; 
SimageFile="/images/myLogo. jpg” ; 
1f (-r “SdocRoot/SimageFile”) { 

print “<img src=\"SimageFile\”> \n"; 
} else { 


print “<h2>My ‘Lil Form</h2> \n"; 


Use the ALT Attribute 

Not everyone has fast access to the Net, especially these 
days! You may want to add text to your forms that is used in 
place of graphics when users choose not to download graph- 
ics as they browse the Web. 


<h2> <img src=“myLogo.jpg” alt="“Submit Form”> </h2> 


If you wrap the image tag in a heading tag, the alternate text 
will be displayed as a heading. You may want to do this in 
other places throughout your Web site. This way, people who 
do not automatically download graphic images because of 
network limitations can get a similar “look and feel” from your 
Web pages. 


Summary 

There are more tips and tricks to Web forms than can fit 
into this article. Some other techniques you may want to inves- 
tigate include non-parsed header (NPH) scripts, JavaScript, 
and, if your Web server supports it, FastCGI. The CGI.pm 
library has, or soon will have, support for these in addition to 
all the other clever things it does. The Web evolves at the 
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speed of light, and the tools you embrace should not hold 
you back. 

I hope you have enjoyed this brief look at some of the CGI 
techniques we’ve been using and adapting in our Web pro- 
jects. If most of this was familiar to you, I hope that you at 
least found something of interest. If this was mostly new to 
you, once you start using this, add “Object-oriented, event- 
driven Web application designer” to your résumé. Then get out 
there and wow ’em! i 


Chris Cobb is a senior engineer with HP Worldwide Sales 
Communication within the Computer Systems Organization in 
Cupertino, California. His e-mail address is cobb@cup.hp.com and 
his Web URL is http://www.cup.hp.com/~cobb. 
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How Are 
Things Going? 
Part Il 


by David Totsch 


LAST TIME, WE EXPLORED the automation of file system space monitoring as a begin- 
ning to a series of columns dedicated to training HP-UX to monitor its own status and 
report on an exception basis. 

If you deployed a file system monitoring script, the first time it reported a file sys- 
tem over threshold you probably asked yourself something like, “OK, I have a file 
system filling up—now what do I do?” The wonderful thing about UNIX is that there 
is almost never a single solution to any one problem. You could use any of the following 
approaches (and a few I have not thought of and several I cannot put into print): 


m extend the logical volume 

introduce a new file system to hold some of the data 
compress some files 

migrate files to backup media 


clean up log files 


Once you have finished entertaining visions of physical and/or mental anguish for 
certain users, you will probably opt for activities that are productive and not disrup- 
tive to users (not to mention your personal freedom). Provided the file system in 
question has them, examination and truncation of log files can be very productive. 
Clearing log files is non-disruptive and can be very effective at recapturing disk space. 

First of all, we have to have a list of log files to examine. Listing J is by no means a 
comprehensive list, but it is a starting point. When you build the list for your system, 
remember to include the log files created by third-party software. 

Each file needs to be checked against a threshold. If it is over the threshold, 
one of the following actions can be taken: 


m simply report it 
m truncate the file 
m rotate the log file 


A log can be selected for action based upon one of at least three factors: characters, 
lines, and blocks. Only reporting the log file still leaves you with the burden of a manual 
task. Rotating the log into a copy is not complicated, but be sure that the log file is not 
tracked by the application through the inode number. A very simple approach is to trun- 
cate the log file in question. If you know the current number of lines in the log and how 
many you want to limit it to, you can use the following Korn shell fragment to truncate: 


# LOG - the log file in question 
# CLINES - current number of lines in the log 


# MLINES - maximum number of lines in the log 
ed - ${LOG} <<- =EOI= 
1,$(( ${CLINES} - ${MLINES} )) d ° 


=EOI= 


LISTING 1 


/etc/eisa/config. log 


/etc/shutdownlog 


/var/adm/automount . log 
/var/adm/backuplog 
/var/adm/btmp 
/var/adm/cron/log 
/var/adm/diag/*MEMLOG 
/var/adm/diag/LOG* 
/var/adm/1lp/log 
/var/adm/1p/log.piftopcl 
/var/adm/1p/lpana.log 
/var/adm/1p/lpd. log 
/var/adm/1p/lpdaemon. log 
/var/adm/messages 
/var/adm/msgbuf 
/var/adm/ptydaemonlog 
/var/adm/rbootd. log 
/var/adm/rl1d.log 
/var/adm/rpc.lockd. log 
/var/adm/rpc.statd. log 
/var/adm/snmpd. log 
/var/adm/spellhist 
/var/adm/sulog 
/var/adm/sw/install.log 
/var/adm/sw/swagent . log 
/var/adm/sw/swagentd. log 
/var/adm/sw/swconfig. log 
/var/adm/sw/swcopy. log 
/var/adm/sw/swinstall.log 
/var/adm/sw/swmodify.log 
/var/adm/sw/swpackage. log 
/var/adm/sw/swremove.log 
/var/adm/sw/swverify.log 
/var/adm/syslog/mail .log 
/var/adm/syslog/syslog.log 
/var/adm/vtdaemonlog 


/var/opt/dce/config/dce_config. log 


/var/opt/dce/rpc/rpcd. log 
/var/sam/log/br_log 
/var/sam/log/samlog 
/var/tmp/sam_remove. log 
/var/tmp/swagent . log 
/var/uucp/ .Admin/DIALLOG 
/var/uucp/.Admin/Foreign 
/var/uucp/ .Admin/audit 
/var/uucp/ .Admin/errors 
/var/uucp/ .Admin/uucleanup 
/var/uucp/ .Admin/xferstats 
/var/uucp/ .Log/LOGX25 
/var/uucp/ .Log/uucico/* 
/var/uucp/ .Log/uucp/* 
/vaxr/uucp/ .Log/uux/* 
/var/uucp/ .Log/uuxqt /* 
/var/ypo/ypserv.log 
/var/yp/ypxtr.log 


LISTING 2 


# Awk script to 
Scan su log... 
# Establish number of failures per day before reporting: 
maxfail=3 # one user su to another 
maxsufail=5 # anyone su to root 
$4 ~ /-/ { # on every failed su.. 
split ($6,ids,”"-”) 
# ids[1] is user running su 
# ids[2] is the user they wanted to become 
data[$2”,"ids[1]”,”ids[2]]++ 
# $2 is the day date notation; increment the 
# the count for this user su to ids[2] 
Tf ( 1ds[2] == “root” ) shots(Soi++ 


# keep track of total failures to root, just in case... 
} 
END { # report... 
for ( x in data ) if ( data[2] > maxfail ) 
{ 
splitts rot, 77) 


print 
“On” ,rpt{1],rpt[2], “attempted”, rpt[3],data[x],”times.” } 
for ( y in shots ) if (shots[y] > maxsufails) 
{ 
print “On”,y,”there were”,shots[y],”failed attempts at 
FOOL!” } 


} 


% 


There is one limitation you should be aware of: you need 
enough space in /tmp to hold the log file you are truncating. 
That can be determined by comparing the output of du(1) to 
the output of bdf(1). 

When a file is truncated, information is thrown into the 
bit bucket. If the task is automated, you may be tossing impor- 
tant information that you never had a chance to evaluate. 
Think of sulog. You would not want to discard any contents 
that contained excessive failed attempts. Listing 2 is a very sim- 
ple awk(J) script to report those failed attempts. It checks for 
excessive failed attempts by one user during a particular day. 
It reports on the entire contents of the file and has no mech- 
anism to prevent multiple reporting of the same violations. 

Unfortunately, each set of related log files will require its own 
automated examination routine. That has a severe implication 
for log files that store their information in non-ASCII format. 
Data log files have to be formatted into an ASCII format and 
reported on; their data removed selectively, they must then be 
returned to their data format. Next time, we will explore some 
techniques that can be used to format and report on two bina- 
ry log files that can grow without bounds: bimpand wimp. 1 


David L. Totsch is a technical consultant for Premier Systems 
Integrators, Inc. in Charlotte, North Carolina. His specialty is HP-UX 
system administration and he enjoys training others to do the same. He 
can be reached at 704/522-6088 or totsch@rbdc.rbdc.com. 
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NTI Process 
Scheduling 
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by Bob Combs 


WE’VE ALL CODED PROGRAMS that 
schedule other programs. In fact, it’s 
hard to build any kind of sophisticated 
application that doesn’t rely on pro- 
grams cooperating with one another. 
Even client-server processes schedule 
other processes. A client program may 
schedule a search request form or a dial- 
up networking program. A server 
process may schedule a background 
batch process or a message-specific pro- 
gram. Well, you get the picture ... the 
list goes on and on. Of course some of 
these processes could be scheduled as 
threads of the client or server program. 

The initial process that schedules 
another proce [’ll refer to as the par- 
ent process or program. The scheduled 
process I'll refer to as the child process 
or program. 

Under HP-UX (or UNIX in general, 
for that matter) a parent program sched- 
ules a child program using an amoebic 
mechanism. The parent process first 
clones a version of itself with a fork call, 
and then the child process (the cloned 
one) makes an exec call to overlay itself 
with the desired program. The child 
process then begins execution of the 
scheduled child program. It is the fork 
call that determines whether it is return- 
ing from the parent or child process by 
the return value. The fork call returns 
a 0 to the child process scheduled, and 
the process ID (PID) of the child process 
to the parent. The code for this opera- 
tion (which we’ve all seen a thousand 
times) is noted in Listing 1. 

Microsoft Windows NT has a POSIX 
subsystem that is POSIX.1 compatible 
and supports the fork and exec func- 
tion calls. (The exec call has been avail- 
able in Microsoft’s C run-time library 
forever.) However, there are a few 
catches. POSIX applications expect only 


the NTFS file system. Programs can be 
scheduled from any NT file system, but 
can access only an NTFS file system. 
POSIX file calls operate a little differ- 
ently than similar calls for non-POSIX 
file calls. The user right Bypass 
Traverse Checking must be turned 
off for true POSIX compliance. All 
POSIX applications execute in a com- 
mand prompt window since they don’t 
support the Windows GUI. The POSIX 
system must be disabled if C2 security 
is required. 

As you can see, POSIX applications 
may not interact correctly with other 
non-POSIX applications. And Microsoft 
discourages the use of the POSIX sub- 
system. It’s really there only to allow 
quick ports of UNIX applications to 
Windows NT. The preferred and com- 
patible method is to code the applica- 
tion native to Windows NT with the 
Win32 API set. Of course, Win32 uses 
a slightly different paradigm. 

Under Win32, the parent process 
schedules the child process with one API 
call; no process cloning or overlaying is 
involved. The child process is started 
while the parent continues to execute. 
The Win32 call to schedule a process is 
CreateProcess as described in Listing 
2. While this mechanism is more straight- 
forward than the UNIX exec call, the 
calling parameters are more complex. 

The first two parameters of the 
CreateProcess function describe the 
file name of the program to be sched- 
uled and the parameters to be passed. 
The 1lpApplicationName parameter 
is the file name to schedule, unless the 
application is a 16-bit DOS or Windows 
3.1 program. In that case, 
lpApplicationName should be NULL 
and the file name is given as the first 
token on the 1pCommandLine para- 


meter. The file name to schedule may be in either parameter 
if it is a 32-bit program. Therefore, as a general case, I make 
lpApplicationName NULL and place the program file name 
and parameters in lpCommandLine. Note in Listing 3 that 
I set the second parameter to MyProg and have no parameters. 

The lpProcessAttributes points to a security attrib- 
utes structure that describes the security context to be given 


| LISTING 1_ UNIX Scheduling Example 


switch (fork() ) 
{ 
case -1: 
printf (“fork failed.\n"”); 
return; /* error return */ 
case 0: 
execl (“someProgram”, argQ, NULL); 
/* child success won't get here */ 
printf (“exec failed.\n"”); 
exit (1); 
default: 
if (wait (NULL) == -1) 
printf (“wait failed.\n"”); 


/* parent success */ 


| LISTING 2 | CreateProcess Call 


BOOL CreateProcess ( 
LPCTSTR lpApplicationName, 
LPTSTR lpCommandLine, 
LPSECURITY_ATTRIBUTES lpProcessAttributes, 
LPSECURITY_ATTRIBUTES lpThreadAttributes, 
BOOL bInheritHandles, 
DWORD dwCreationFlags, 
LPVOID lpEnvironment, 
LPCTSTR lpCurrentDirectory, 
LPSTARTUPINFO lpStartupInfo, 


to the child process object. Similarly lpThreadAt tributes 
points to the security for the child primary thread object. 
Normally I set both these parameters to NULL, requesting 
the default security descriptors. 

I’ve set the dwCreationFlags to CREATE_SEPARATE _ 
WOW_VDM, which is ignored if it’s a 32-bit application and 
otherwise creates the child process in a separate Windows 
3.1-compatible (Windows On Windows) virtual DOS 
machine (VDM) process space. Normally Windows 3.1-com- 
patible processes are created as another thread in one sys- 
tem-wide WOW VDM. The single system-wide Windows 3.1 
VDM more closely simulates how Windows 3.1 works. I pre- 
fer to run each 16-bit application in a separate VDM so it can- 
not interfere with, or be interfered with by, other 16-bit 
applications. 

Since CreateProcess expects the caller to supply start- 
up information, I call GetStartupInfo to read the STAR- 
TUPINFO structure (Listing 4) of the parent process. The 
structure specifies how the new window should appear. Upon 
successful completion, CreateProcess will return in 
lpProcessInformationa PROCESS_INFORMATION struc- 
ture (Listing 5) that describes the child process created. 

So far, the parent process has started the child process and 
could at this point resume executing while the child executes. 
But what if we want to wait for the child to complete its task 
and then pick up the return code from the child? Then we 
need two additional functions. 

The WaitForSingleObject Win32 API will wait for the 


// pointer to name of executable module 
// pointer to command line string 

// pointer to process security attributes 
// pointer to thread security attributes 
// handle inheritance flag 

// creation flags 

// pointer to new environment block 

// pointer to current directory name 


// pointer to STARTUPINFO 


LPPROCESS_INFORMATION lpProcessInformation // pointer to PROCESS INFORMATION 
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windows nt 


| LISTING 3 _ Win32 Scheduling Example 


DWORD dwErr, dwValue; 

PROCESS _INFORMATION pi; 

STARTUPINFO sui; 

GetStartupInfo (&su1) ; 

if (!CreateProcess (NULL, 
“MyProg” , 
NULL, 
NULL, 
FALSE, 


CREATE SEPARATE WOW_VDM, 


NULL, 
NULL, 


&Sul, 
&pi)) { 
GwErr=GetLastError () ; 


printf (“Unable to schedule MyProg %d\n”, dwErr) ; 


} 


else { 
if (WaitForSingleObject (pi.hProcess, INFINITE) == WAIT FAILED) { 
dwErr=GetLastError () ; 
printf (“Wait for object failed %d\n”", dwErr); 
} 
dwValue=0; 


if (GetExitCodeProcess(pi.hProcess, &dwValue) ) { 
printf (“Child returned %d\n”, dwValue) 


} 
else { 


dwErr=GetLastError () ; 


printf (“Unable to fetch return code %d\n”, dwErr); 


child process if passed the handle of the child process. We 
can get that handle from the process information structure 
returned to the parent; specifically pi. hProcess. The sec- 
ond parameter of the function is the time, in milliseconds, 
we should wait before timing out and declaring an error. I 
supplied the constant INFINITE, which specifies no time-out. 

We pick up the returned value from the child by calling 
the GetkxitCodeProcess after the child has finished. The first 
parameter is the child process handle we used before, and 
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the second parameter is the returned value. 

You might have noticed in Listing 3 that GetLastError 
was called when the Win32 functions failed. Many of the func- 
tions only return a Boolean to indicate whether they suc- 
ceeded or not. The function GetLastError can then be 
used to fetch the error code value. ; 

The code I’ve just described will work for you, but ’'d sug- 
gest you examine the CreateProcess documentation to 
find out about the other options available. 
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windows nt 


Startup Information Structure 


typedef struct _STARTUPINFOA { 


DWORD = cb; 

LPSTR  IlpReserved; 
LPSTR  lpDesktop; 
LPSTR IpTitle; 

DWORD = dwX; 

DWORD = dwyY; 

DWORD dwXSize; 

DWORD dwyYSize; 

DWORD  dwXCountChars; 
DWORD dwYCountChars; 
DWORD dwFillAttribute; 
DWORD dwFlags; 


WORD wShowwWindow; 
WORD cbReserved2 ; 
LPBYTE lpReserved2; 
HANDLE hStdInput; 
HANDLE hStdOutput; 
HANDLE hStdError; 
} STARTUPINFOA, *LPSTARTUPINFOA; 


nN 


| LISTING 5 __ Process Information Structure 


typedef struct _PROCESS INFORMATION { 

HANDLE hProcess; 

HANDLE hThread; 

DWORD dwProcessId; 

DWORD dwihreadId; 
} PROCESS INFORMATION, *PPROCESS INFORMATION, 
*LPPROCESS_INFORMATION; 


Since I’ve mentioned threads, I'd like to show how easy it 
is for a process to create a thread. There is a Win32 API called 
CreateThread that looks somewhat like CreateProcess, 
but an even easier way to create threads is to use the C++ run- 
time library function __beginthread. Refer to Listing 6. The 
thread must be prototyped with the UINT function 

(LPVOID) ; syntax; also written unsigned int function(void*); . 
The thread is then created by calling _beginthread with 
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| LISTING 6 | Thread Example 


UINT Count (LPVOID) ; 
void main() 
{ 


int iValue; 
_beginthread(Count, 0, (void*)iValue) ; 


} 
// Worker thread (as opposed to a user-interface thread) 
UINT Count (void* iVal) 
{ 
reare oe 


T= (int) ival; 


three parameters: the name of the thread function, the stack 
size, and a void* parameter. A stack size of zero means use 
the same stack size as the primary thread. Any type parameter 
may be passed to the thread, as long as it is typed within the 
routine, after passing the parameter as a void’. tl 
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‘net Goodies iy tech Bees 


IN A PREVIOUS ISSUE of hp-ux/usr, I described a program called graphmaker by 
Fabrizio Pivari. Mr. Pivari has sent me a note updating the address for his software. 
His current site is hitp://www.geocities.com/CapeCanaveral/Lab/346 9/index. html. 

Also in a previous issue, I discussed Sun’s Java Development Kit (JDK). At the 
time, the latest version was 1.0.2. The new release of Java went out the door about 
a month ago. It is version 1.1. 


ALT.SOURCES.D 


gnumach (v 1.0) 

Just when you thought you had enough toys to play with, the Free Software 
Foundation releases yet one more. If you enjoy hacking a little bit and/or have had 
fun with Linux, then you might want to look at yet one more UNIX clone, gnu- 
mach, This software can be found at all your favorite gnu sites including the fol- 
lowing two: 


Stp://prep.ai.mit.edu/pub/gnu/gnumach-1.0.tar.gz. 
Stp://gatekeeper.dec.com/pub/GNU/gnumach-1.0.tar.gz. 


This distribution is only for i386, 1486, i586 (pentium), and i686 processors on 
PC-AT compatible machines. 

The authors are looking for volunteers interested in ports to other architectures. 

This kernel supports most ethernet cards and disk controllers. Interface cards for 
which Linux drivers exist can be ported easily. Non-network devices for which BSD 
drivers exist can be ported with a little effort, but not much. 


mtools (v 3.6) 

And again courtesy of the Free Software Foundation, a new version of miools has just 
been released. miools is a tool that supports floppy disk I/O on UNIX computers. In 
particular, it works well with PC floppies (including Windows 95 style long file names). 

mtools works on AIX, HP-UX, and Sun operating systems. Anyone using floppy 
disks either to or from a PC should examine this program. It’s easy to build and 
easy to use. mtools is also available from standard gnu repositories including gate- 
keeper.dec.com. 


MISC 


samba (v 1.9.16p11) 

Ever since I purchased a PC running Windows 95 for my family, I longed to be 
able to conveniently and inexpensively interconnect this computer to my UNIX 
workstations at home. Of course, I had ftp on my PC as it was packaged with the 
TCP/IP software I had purchased for it. But what I really wanted was NFS. And that 
was expensive to purchase; no freeware version of PC/NFS exists. That was when I 
learned about Samba. Samba is a free SMB client and server for UNIX (and other) 
operating systems. 
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internet goodies 


So what is SMB? Quoting from the 
README file for this package, “... it is 
the protocol by which a lot of PC-relat- 
ed machines share files and printers and 
other information such as lists of avail- 
able files and printers.” Using the soft- 
ware from the PC side is easy: You simply 
choose “network drive” and enter the 
UNIX host and path name. From that 
point on, your new drive (such as E:) 
points to the subdirectory on your UNIX 
computer. 

On the UNIX side, you need two 
agents running, smbd and nmbd. Building 
them was easy. The required configura- 
tion file wasn’t difficult either once I read 
the accompanying documentation. The 
software was developed by Andrew Tridgell 
in Australia. It is available via the Web at 
hitp://samba. canberra.edu.au/pub/samba/ 
or via ftp at samba.anu.edu.au in the 
/pub/samba directory. 


sendmail (v 8.8. 5) 

The sendmail program is probably 
one of the most important UNIX utili- 
ties. Without it, the overwhelming major- 
ity of UNIX systems could not receive 
or deliver e-mail. Replacement programs 
do exist (I used to use smail on an AIX 
system), but most people stick with the 
original. 

Unfortunately, there have been a 
number of security scares associated with 
the sendmail program, some valid and 
some not. Nevertheless, given its impor- 
tance in the UNIX environment, you 
may not want to wait until your vendor 
supplies you with a more up-to-date ver- 
sion of sendmail with their operating sys- 
tem. Why not get the latest and greatest? 
Sendmail is available via ftp from /ftp.send- 
mail.org. While you are there, you might 
also pick up a new copy of the Berkeley 
db package, which sendmail uses. 
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gpop (v 2.2) 


For better or worse, I have recently established e-mail accounts for everyone in my 
family. That includes my four children aged 10 to 18. Their e-mail access is via a 
Windows 95 PC-based package but the Internet connection and mail server is on my 
UNIX computer. This is where I learned about the POP (or Post Office Protocol) 
server software. The client program (the PC e-mail software) uses POP to talk to the 
mail server and download pending e-mail messages. RFC 1082 defines the protocol used. 

The latest and greatest version of POP (also called popper) is supported by 
Mark Erikson (mark@qualcomm.com). It was easy to build and straightforward to 
install. The software is available via anonymous ftp from /tp.qualcomm.com in the 
/quest/unix/servers/popper directory and is called gpop2. 2. tar. Z. 


hibdes (v 4.01) 

A useful library to have in one’s bag of tricks is libdes. This package includes a DES 
encryption library and DES encryption program. It supports ecb, cbc, ofb, cfb, 
triple ecb, triple cbc, triple ofb, triple cfb, desx, and MIT’s pcbc encryption modes 
and also has a fast implementation of crypt(3). Typical uses include file encryption 
and programmatic encrypted transfer of data across the Internet. 

The library is copyrighted by Eric Young (eay@mincom.oz.au) and is available from 
Stp-psy.uq.oz.auin the /pub/Crypto/DES directory. It is also found on many other sites. 


enscript (v 1.4) 

Over the years, I have seen many programs that convert ASCII files to PostScript 
for printing on PostScript printers. Each seems to have its advantages and disad- 
vantages and I have jumped from one program to the next. One day it occurred to 
me to see whether the Free Software Foundation (the GNU people) had a pro- 
gram to meet my needs. 

I was surprised to find that I had never previously heard of enscript. The README file 
states, “GNU enscnptis a drop-in replacement for the enscript program”. Somehow I had 
missed this program (the original as well as the GNU replacement) all these years. enscript 
includes every option I have wanted plus more than I can ever use. My typical use of 
enscriptis for dumping the contents ofa file to my laser printer two-up, that is, two logical 
pages on one physical page. I define an environment variable, ENSCRIPT, as follows: 


export ENSCRIPT="—fancy-header—borders—columns=2 --landscape—output=-" 


To printa file, I simply type enscript filename | lp and the file is printed 
in landscape mode, two-up. You can get enscript from your favorite GNU repository 
site such as gatekeeper.dec.com. 
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Telnet Applet 
Much valuable information can be learned from studying the code to this Java 
applet, a fully functional telnet application that includes terminal emulation support 


for VIT320/ANSI. The source code can 
be used to understand telnet negotiation, 
terminal emulation, and socket I/O. I 
learned more from this applet than from 
studying a number of Java books. 

The software, including sources, is 
available via the web from http:// 
www.first.gmd.de/persons/leo/java/Telnet. 
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zfilter (v 2.7) 


I am now getting two or three pieces 
of electronic junk mail a day. It is starting 
to bother me. This program, z/tléer, 
couldn’t have come at a better time. As 
the README file says “... ZFilter is a vast- 
ly superior e-mail filtering program that 
can ... automatically destroy junk mail, 
chain letters... (it) can track and main- 
tain logs of who writes to you the most, 
what actions it has taken the most, and 
up-to-the-second reports of how much 
mail has been received during the cur- 
rent year, month, day, hour, and minute.” 

The software requires Perl (which of 
course everyone has). It is available from 
the author’s (Steven Zeck) home page at 
http://www. guam.net/home/viper/ 
files. html. 
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xcoral (v 3.0) 

Now this is a nice program! xcoral is 
a multiwindow, mouse-based text editor 
for editing various types of files for use 
in an X windows environment. 
Developed in France by Lionel 
Fournigault, Bruno Pages, and 
Dominique Leveque, this program is 
cognizant of C, C++, Java, Latex, 
HTML, RCS formats, and other for- 
mats. The program includes various 
display fonts, menus, a toolbar, a macro 


facility, and an undo mechanism. 
Included is a comprehensive online 
manual as well as a 175-page PostScript- 
ready manual. The editor will also color 
your text according to the type of doc- 
ument you are editing. Last but not 
least, xcoralincludes Smac, a small, built- 
in ANSI C interpreter for dynamically 
extending the editor’s functionality. 
Building the software was easy. It has 
been tested on the following systems: 
SunOS, Solaris 2, Linux, AIX, HP-UX, 
IRIX, and OSF/1. The software is avail- 
able from the contributors at /tp.inria.fr 
in directory X/contrib-R5/clients or 
Sip.x.org ( contrib/editors) . ff you are look- 
ing for a nice graphical text editor for a 
UNIX system, spend some time with this 
program. It’s worth the investment. 


WEB PAGES 


http://www.windows9 5.com 

I apologize to all the UNIX-only 
purists for mentioning this site, but I 
find that more and more it is not possi- 
ble to remain a UNIX-only purist. In my 
own office at Landmark, I have a Solaris 
X.86 workstation as well as a Windows 
95 workstation. I use them both. At any 
rate, for the person needing utilities 
(including UNIX-lookalike software) 
for Windows 95, this is a great site. Lots 
of good shareware, too. qi) 


Joseph Berry is a senior software developer at 
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Virginia. He is one of the authors of 
Landmark's PerformanceWorks products, 
PerformanceWorks/Smart Agents for UNIX. 
A former HP 3000 systems specialist for 
Hewlett-Packard, he has been in the computer 
industry for more than 25 years. He can be 
reached at joe@wayne.unix.landmark.com. 
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Lisa with an S 
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by Larry Headlund 


IN MY LAST COLUMN I considered 
the design of the user interface of the 
Apple Lisa, the interface that evolved 
to the Apple Mac with all its influence. 
What was exciting for the developers 
was that they were presented with a 
blank slate. There was no installed 
base for graphical environments, no 
user habits or hard-won user knowl- 
edge or loyalties to conform to. There 
was not even an existing paradigm to 
guide or restrict the developers. So 
successful was the fruit of their efforts 
that no one has had such an oppor- 
tunity since. 

Such an influential design creates 
in me an interest in the design and 
testing methods used to create it. The 
article in 7nteractions referenced below 
and the perspective of the last decade 
and a half give us a chance to critique 
both the result, the Lisa/Mac inter- 
face, and the process of producing it. 
Since X was having its beginnings in 
the early 1980s overlapping the 1978 to 
1983 development period of the Lisa, 
I can contrast the decisions made in 
each case. 


Lisa Goals 

Like all good development projects, 
the Lisa started with a set of goals and 
guiding principles. In the Lisa’s case 
they were: 


1. Lisa must be fun to use. 

2. Lisa will require extremely minimal 
user training and “hand holding.” 

3. Lisa will adhere to the concept of 
gradual learning. 

4. Lisa will use graphics aggressively. 


There were other goals in line with 
Apple’s intention that the Lisa be a 


general-purpose business machine 
that would allow user customization 
and enable the user to handle several 
tasks at once, with consistent user 
interfaces and consistent error and 
warning messages. It is the four goals 
enumerated above that I want to home 
in on. 

The first and fourth goals, fun and 
ageressive graphics, were marketing 
decisions to differentiate the Lisa from 
the competition. They meant that when 
a choice had to be made between equal 
or nearly equal approaches, the nod 
would go to the approach with the most 
flash. An example of this kind of 
decision was the design of the filing 
interface. 

One filing interface considered the 
design team called “Twenty Questions.” 
In this model, when a user wished to 
access a document he would be 
prompted to choose a document from 
a list. He would then choose an action 
to apply to the selected document(s). 
Another competing interface was the 
now familiar one with icons and full- 
size documents and dragging and drop- 
ping for actions. The two approaches 
were a dead heat in user testing in such 
areas as speed of learning, speed of task 
completion, level of comprehension, 
and error rate. However, no user pre- 
ferred the “Twenty Questions” design 
and some preferred the iconic 
approach because it was “more inter- 
esting and fun.” Hence the nod went 
to the iconic design. 

Note what was not included in the 
decision: nothing about computa- 
tional efficiency. If the hardware could 
do it, and the Lisa team was taking 
advantage of the then new Motorola 
68000, that was sufficient. Nothing 
about ease of programming, that was 


POWER 
FLEXIBLE 
ADVANTAGE RULES-BASED 


IT'S APPX 


= APPX 
SMART. 
: Real. APBX. 


APPX and APPX SMART are copyright APPX Software, Inc. 
CIRCLE 35 ON READER SERVICE CARD 


Consider the advantages of the 


INTEREX DIRECT MAIL SERVICE 


+ 46,000 Hewlett-Packard computer users in our database 
+ A one-week turnaround time 
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not our department. This orientation 
seems unremarkable now, but it was 
not the standard operating procedure 
for the design of computer products at 
the time. The other equally revolu- 
tionary approach at the time was that 
taken by the X/Athena project. They 
designed for hardware that was in 
advance of what was commonly avail- 
able at the time, choosing a clean 
design over an efficient implementa- 
tion, trusting to accelerating hardware 
to justify their approach. They also 
were proven correct. 


Testing 

I mentioned the result of user test- 
ing above. The structure of user test- 
ing is at least as important as goals. 
Your testing procedures must align 
with your goals if your goals are to be 
measured. It does no good to measure 
weight if your goal is speed. In the case 
of the Lisa, a key way to measure 
progress toward the middle two goals, 
minimal user training and gradual 
learning, was very abbreviated testing 
with potential clients and typical users. 
What the Lisa team meant by these two 
goals was that a new user should be 
able to accomplish simple tasks imme- 
diately with no instruction and that 
knowledge of how to do more com- 
plicated tasks would be acquired grad- 
ually on an as needed basis. I doubt 
that anyone was ever told to read the 
fine manual. 

The first pool of test subjects were 
new Apple employees with no 
computer experience. There was the 
reasonable assumption that these 
employees could represent the pool 
of potential users. Perhaps, since they 
were coming to work for a computer 
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company, they were a shade less com- 
puter phobic than the general pop- 
ulation, but this was judged minor 
compared to the convenience, cost, 
and security factors of using an in- 
house pool. 

A second testing group is more con- 
troversial. Later in Lisa development, 
when they had something to show, they 
would bring in potential customers to 
experiment with the machine. I think 
this is dangerous in that it is mixing 
sales and development. This proce- 
dure can indicate which features are 
important for a sale, which is all to the 
good, but the result may be skewed. 
For example, the “testing” period 
would be half an hour, during which 
time the customers could see if they 
could perform simple tasks without 
help. This fits in nicely with the para- 
digm of gradual learning. However, 
are sales in the real world based on 30- 
minute demonstrations? If the answer 
is yes for this product, then you have a 
powerful tool in this testing for telling 
you what a successful product should 
look like. If the answer is no, then you 
may be hurting yourself by thinking 
that a successful demonstration brings 
you a sale. This is because the thirty- 
minute demonstration is so different 
from the actual function of the 
machine. A computer interface is what 
a purchaser will interact with for a 
good portion of his or her working life. 
Is the impression after the first 30 min- 
utes the best measure? I am remind- 
ed of the consumer interfaces that “any 
idiot can use,” and after five minutes 
only an idiot would want to. 


The One-Button Mouse 
The result of these design goals and 


testing procedures is seen in the choice 
their 
Remember that in the early 1980s a 


Apple made _ for mouse. 
mouse was most definitely not a famil- 
iar object to consumers. They had no 
expectations, practices, or habits for 
mouse manipulations. Apple’s choice 
was between a three-button mouse such 
as that used in the Xerox PARC 
Smalltalk environment and a one-but- 
ton mouse. Apple’s user testing showed 
that the three-button mouse had a 
slight advantage for experienced users 
but was confusing for beginners. The 
extra buttons also made it harder to 
learn the Lisa user interface quickly. 
The one-button mouse was chosen to 
make the user interface easier for the 
first-time user. 

This is a real designers’ decision. 
You are a first-time user once and a 
gradually more experienced user for 
the rest of your life. However, you don’t 
want to spend too much time learning 
before you can get your work done. 
The decision of whose interest to favor, 
neophyte or master, is a judgment with 
no right answer. Note how the design 
goals and the testing procedure, par- 
ticularly the thirty-minute tests with 
potential customers, all bias the deci- 
sion towards the neophyte. Famously, 
the X universe went with the three- 
button mouse. 


What You See Is All You Get 

We go now from the detail of the 
mouse design to the grandness of the 
metaphor. To use effectively and in 
some sense understand an interface, 
the user must have a metaphor, a men- 
tal picture of what is going on. It helps 
if the metaphor bears some relation- 
ship to what is really going on under 


the hood, to avoid jarring inconsis- 
tencies and to enable the user to make 
accurate predictions of the conse- 
quences of an action. The Apple Lisa 
developers chose the now familiar 
desktop metaphor along with analo- 
gies to file cabinets and the famous 
waste basket. This has the advantage 
of familiarity to the user, hence allow- 
ing gradual learning. However, any 
metaphor is also limiting. The com- 
puting environment takes on some of 
the limitations of the actual desktop. 
Documents can be misfiled, lost under 
other documents on the desktop, and 
so on. 

The computer desktop can do 
some things a physical one cannot, for 
example automatically keep a list of 
all documents on the desktop and 
bring any one of them to the forefront 
at a button click, but the metaphor 
still gets in the way. This is what is 
meant when we say that a GUI makes 
simple tasks easy and complex ones 
impossible. Think of the tasks that are 
simple with shell pattern matching or 
with the UNIX grep command that are 
tedious with a GUI. Since this desktop 
metaphor permeated the design of 
the Lisa, the developers had a diffi- 
cult time coming up with a function- 
al analog of the UNIX find command, 
for example. This metaphor spread 
beyond the Lisa and Mac so that it was 
almost a decade later that the World 
Wide Web made popular some of the 
modes of operation that only a com- 
puter could support, modes and func- 
tions that were outside the original 
paradigm. 


Conclusion 
History, even in so new a field as 


computers, is always worth studying. It 
can show us both how and why we are 
where we are. i 


Larry Headlund is the president of 
Mathematical Engineering, Inc., a UNIX 
and Motif development company. He has 
been working with commercial UNIX since 
1983 and with X since 1987. He can be 
reached at lnh@world.std.com or at 1.617. 
242.1743. 
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by Anita Harris 


This month’s column will address questions that might arise when writing an 
HP-RT driver. 


QE am writing an I/O driver that will be writing data to an HP-RT swsm on my 
local processor. I have the swsm defined in my CONFIG. TBL as: 


O: local_mem:A32+DATA_ACCESS : 0x20001000:0x1000:2:SYSTEM_ONLY 


My CPU number is 2 and I have 64 MB of local RAM. My driver and kernel make 
without errors but when I boot my kernel, I get the message: 


** Failed to create an inode for user-level SWSM local_mem 


If I take the swsm out of my CONFIG. TBL and remake the kernel, I don’t see the 
error message. What is wrong with my swsm declaration? 


£45 HP-RT uses direct mapping when slave mapping A32 address space, as you 
are doing by defining a swsm on your local processor. This means that it has 256 
MB of VME A32 address space mapped directly to its lowest 256 MB of memory. 
The first byte of the VME region maps to the first byte of physical memory on the 
HP-RT system. The kernel will utilize the lowest physical memory addresses. This 
area is from PA address 0x00000000 to approximately 0x00900000. These 
addresses then have VME addresses of 0x20000000 to approximately 
0x20900000. You can define your swsm at a VME address above 0x20900000 to 
avoid a conflict with kernel space. 


QQz I am writing and testing a driver using two different variations of interrupt 
vectors. One variation uses second-level interrupts. Another uses a first-level 
interrupt scheme. I find that when I boot a kernel made using the first level 
interrupt scheme, I get errors indicating that I am using second-level interrupts. 
I checked my driver make files and the only difference I see is in the section that 
locates the drvrinfo.o file. The sections in question are below. Is this causing my 


problem? 

CCRT = $(HPRTroot) /hpux/bin/ccrt 

DRIVER_SRC = /users/me/mydriver 
TRG_DRIVERS = $(HPRTroot) /etc/conf/drivers 
TRG_DEVICES = $(HPRTroot) /etc/conf/info 
TRG_DHEADERS = $(HPRTroot) /etc/conf/dheaders 


Second level interrupt makefile: 


$(TRG_DEVICES) /skelinfo.o : $(DRIVER_SRC) /skelinfo.c \ 
$ (DVR_HEADERS) 
S(CCRT) $(TRG_DEVICES) /skelinfo.c \ 
-I$(DRIVER_SRC) -IS$(DRIVER_SRC) \ 
$(CFLAGS) -o $(TRG_DRIVERS) /skelinfo.o >skelinfo.lst 
First level interrupt makefile: 
$ (TRG_DEVICES) /skelinfo.o : $(DRIVER_SRC)/skelinfo.c \ 
$ (DVR_HEADERS) 
$(CCRT) $(TRG_DEVICES) /skelinfo.c \ 
-I$ (DRIVER_SRC) -I$(DRIVER_SRC) \ 
$(CFLAGS) -o $(TRG_DEVICES) /skelinfo.o >skelinfo.lst 


4X5 The section of your makefile for the second-level interrupt places 
the drvrinfo.o file in the $(TRG_DRIVERS) directory. The effect is seen 
when a different driver with the same drvrinfo.o name using different inter- 
rupt vector information locates the drvrinfo.o file in the recommended 
$(TRG_DEVICES) directory and the other file remains in the $(TRG_DRE 
VERS) directory. The kernel uses the drvrinfo.o file to bind key driver infor- 
mation at system installation. Placing the drvrinfo.o file in the 
$(TRG_DRIVERS) directory forces the entry points to be resolved from 
this file first rather than from the expected location in $(TRG_DEVICES). 
So, when you made your kernel using the first-level interrupt scheme, the 
drvrinfo.o information used to resolve entry point was from the second- 
level interrupt $(7RG_DRIVERS) /drorinjo.o file. 


QE | have written my HP-RT driver and I am now configuring it into 
the kernel by inserting 


I:mydriver.cfg 


at the beginning of my CONFIG.TBL file. I had a problem with my 
driver during boot with a swsm configuration so I removed the line 
from the CONFIG.TBL file and remade the kernel to make sure I 
could still make and boot a kernel. The same swsm problem 
remained! I confirmed that I had removed the entry from the 
CONFIG.TBL file. Now, nothing I do removes this problem from the 
new kernels that I make. What is wrong? 


4X: This problem may be the result of inserting your driver at the begin- 
ning of your CONFIG. TBL file. New drivers should always be placed at the 
end of the file. Refer to the Driver Writing in the HP-RT Environment man- 
ual, Chapter 5, “Installing Drivers,” Figure 5-1, “Typical Driver 
Configuration Flow Diagram.” You can see that the information pro- 
vided in the CONFIG. TBL file is used by the config(1) utility to produce 


the nodetable nodetab. It contains the names and 
descriptions of the device files in your kernel. Each 
major I/O device on a system is numbered, by the sys- 
tem, according to its position in CONFIG. TBL. Placing 
a new device at the end of the CONFIG.TBL file 
avoids changing major numbers for existing drivers. 
The CONFIG.TBL file is also used to create the CON- 
FIG.h include file, which is used to configure the 
driver and swsms into the kernel. 

If these files are corrupted by the insertion of your 
driver at the beginning of the CONFIG. TBL, file you 
will need to purge the nodetab and CONFIG.h files 
and remake your kernel to resolve the corruption. 


Qi= | am attempting to debug my driver using 
pdb. I have an RS-232 connection from /dev/ttyOpO 
of my HP-UX host to port B of my HP-RT target 
system. I boot my 743rt kernel using: 


ISL> rtboot -aK -rramdisk /mykernel 


to debug the install entry point of my driver at 
bootup. I run pdb from my 10.20 HP-UX host using: 


$ SHPRTroot/hpux/bin/pdb -B -£/dev/tty0p0 
/home/tftpdir/mykernel 


I receive the error message: 


Unable to open communication link to target system 
/HP-RT/hpux/bin/realpdb: Permission denied 
open (/dev/tty0p0,2) failed 


If I make myself root, I can successfully run pdb. 
What do I need to do to run pdb without being 
root? 


#&2You can see from the error message that the 
open of /dev/ttyOp0 failed. In the HP-RT Symbolic 
Debugger User's Guide, Chapter 3, there is a section 
titled “Setting Up the HP-UX Terminal Device File.” 
It states that the access permissions on the device 
file must be set to read and write, that is rw-rw-rw-. 
If write permission is not set for group and other, only 
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the owner of /dev/ttyOp0, root, will be able to run pdb. As root 
perform: 


# chmod 666 /dev/tty0p0 


and you should be able to run pdb as a non-superuser. 


QQz | am attempting to debug my driver using pdb. I am 
getting the message: 


Passed through init_rs232_card(). 
/HP-RT/hpux/bin/realpdb Terminal doesn’t support window mode 


I am using a CDE dtterm window on my HP-UX 10.20 host. 
What do I need to do to get pdb to work? 


#&: Again, you can refer to the “Setting Up the HP-UX 
Terminal Device File” section of Chapter 3 in the HP-RT 
Symbolic Debugger User’s Guide for assistance. If you wish to use 
a terminal emulator and you can use an hpterm window 
instead of the dtterm window, you will be more successful 
running pdb. 


QQE I have a 742rt HP-RT processor running revision 2.21 
of HP-RT. I want to transfer data to my I/O card using 
DMA. I understand that there is no DMA engine on the 
742rt, but my I/O card can master A32+DATA_ACCESS 
DMA transfers. What do I need to do in my local process to 
set up the transfer? 


4&2 You have two options. You can describe local memory 
on your 742rt processor in a swsm area. The beginning VME 
address of this contiguous memory and its size can then be 
passed to the remote card or processor. This is the easiest way. 

If you do not have available memory or cannot use it for 
defining a swsm for DMA, you can translate virtual addresses 
from your driver to physical addresses using mmchain(9) or 
mmchainjob(9) functions. The starting physical addresses and 
sizes of all non-contiguous memory segments that make up a 
contiguous virtual memory segment are written into an array 
of type struct dmachain. 
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struct dmachain { 
long address; 
int count; 


ne 


The array looks something like this: 


Physical Address Size 
dma_array [1] 0x10000 0x1000 
dma_array [2] 0x13000 0x2000 
dma_array [3] 0x16000 0x1000 


This effectively chains memory segments together to make 
them contiguous. This array can then be used to set up 
DMA by the remote device. The remote device will expect a 
VME address to read from, and a count or size of the buffer 
to read. You will need to utilize the fact that A32 space uses 
direct slave mapping for swsms. You should define a 
“dummy” swsm in A32 space. This assigns an A32 region to 
your CPU, which then allows you to calculate a VME 
address for each physical memory address in your system. 

For example, let’s say we are developing a write entry point 
for our driver. It will look something like: 


mydriverwrite(myDrvrData, fd, buffer, buffcount) 
mydrvr_data *myDrvrData; 

struct file *fd; 

char *buffer; 


int buffcount; 
We set up our array for doing the dma chaining: 


struct dmachain dma_array[100]; 


int num_elements; 


In our code we call mmchain to create the dma_array chain 
of physical addresses for our use. 


num_elements = mmchain (dma_array, buffer, (long)buffcount) ; 


We will do a DMA transfer for each element in the 
dma_array chain for the size of the segment available. So we 
pass the address of each element calculated as a VME address 
to the I/O card. 

Continued on Page 86 
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for (i=0;i<num_elements; i++) 
{ 
beginaddress = dma_array[i].address + A32_baseaddress; 


size = dma_array[i].count; 


/* Begin DMA transfer */ 
} 


Qa? How can I dynamically determine the base address of my VME A32 space 
region? I know that it is in region 2 because that is where I defined my A32 swsm, 
but I want my driver to be able to determine the value. 


A> Here is a routine you can use to determine your A32 base address. 


char *get_A32_base_address () 

{ 

struct sys_shmem *swsm_pointer; 

int i; 

struct lowmem *1m; 

extern struct sys_shmem *swsm_ptrs[]; /* Array of pointers to SWSMs 
defined for this VME system 
in CONFIG.TBL */ 

lm = LOWMEMBASE; /* See /usr/include/machine/frame.h for the lowmem 

structure. */ 
/* Get the CPU number of the local processor from the lowmem 
structure. */ 
cpuNumber = 1lm->cpu_number; 


/* For each swsm defined in this VME system... */ 
1 = 0 


swsm_pointer = swsm_ptrs[i++]; 


while (swsm_pointer != 0) 

{ 

/* Is this swsm defined on our local CPU? */ 

if (swsm_pointer->cpu_number == cpuNumber) 
{ 
/* Determine if it is an A32 swsm. See sysshmem.h 
for SPACE ID macro. */ 
if (SPACE_ID(swsm_pointer->space_access) == A32) 


/* VME address of beginning of swsm. Remember there 


can only be one A32 swsm per processor. */ 


return (char *) (Swsm_pointer->BUS_address & 0xF0000000) ; 
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swsm_pointer = swsm_ptrs [i++]; 


return (0); 


Important Patch Notice 

There is a known problem docu- 
mented in SR 5003361089 regarding 
timers using sub-10ms ‘times’ stalling 
timer expirations for up to 40 seconds. 
It is recommended that all customers 
install the appropriate patch for their 
OS revisions to avoid encountering this 
problem. The patch numbers for each 
currently supported revision are listed 
below. Contact your local HP Response 
Center to obtain the patch for your OS. 


HP-RT OS Revision Patch Number 
212 PT970321 001 
2.21 PT970325 000 


3.0 + warranty patch PT970401_000 


HP-RT Operating System questions are 
answered by Anita Harris, a support engi- 
neer in the HP-RT Worldwide Technology 
Expert Center. She has worked with Real Time 
systems for eleven years as a customer, a Real 
Time Response Center Engineer, and HP-RT 
WTEC Engineer. 
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JMS puts you in control of your Data Center with scheduling 
and execution of batch jobs. JMS has no command language 
to learn so it's easy to use and yet has sophisticated scheduling 
capabilities that are second to none. JMS network capabilities 
allow scheduling and job dependencies across the network. 
Restriction features allow you to limit those pesky system 
hogs. Ad hoc streamed jobs may be incorporated to allow 
complete batch job control. 


CALLBACK SYSTEM DOWN DETECTOR AND JoB 
NOTIFICATION SYSTEM 


Voice/Beeper/Digital or our new Alpha Pager notification for: 
¢ Adverse Temperature ¢ Power Loss ¢ System Hangs ¢ Job 
Aborts ¢ Printer Status ¢ Physical Conditions ¢ User Requests 
* Logon Security ¢ Reply Pending * Console Messages ¢ Special 
Job Events ¢ Spoolfile Scanning ¢ And much more... 


We are the leaders in tools for the "Lights Out Environment." 
Call us today for a free 30 day demo. MPE/iX or HP-UX. 


Corporate Headquarters 

3470 Pipebend Pl. NE ¢ Suite 120 ¢ P.O. Box 13086 ¢ Salem, OR 97309-1086 

Phone: (503) 585-0512 ¢ FAX: (503) 585-1706  E mail: Design3000@aol.com 
International Sales Office 

System Software Intl. * Oakmoore Court * Kingswood Road * Hampton Lovett 
Droitwich, WR9 0QH, UK « Phone: +44 (0) 1905 794646 ¢ FAX: +44 (0) 1905 794505 
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CSL Perspective 


HAVE YOU EVER FELT really embar- 
rassed ? Like you just wanted to bang 
your head against a wall and mutter 
to yourself, “Boy, that was a pretty stu- 
pid thing to do!” That’s a pretty accu- 
rate description of the way I felt after 
reviewing my column from last issue. 
I must have been in a daze, or preoc- 
cupied with something else. So let me 
offer my sincere and humble apolo- 
gies to each of you since I really blew 
it. Now let me try to make it up to you. 

I’ve mentioned, for several months, 
the FAST project. FAST stands for 
Freely Available Software Technology. 
It is a collection of “freely available” 
software from various sources such as 
the Internet and HP. This collection 
will include the latest versions of many 
of the most popular software pack- 
ages ported to HP-UX 10.10 and dis- 
tributed on CD-ROM and through 
archive sites such as InterWorks and 
the HPPD Centre. The packages will 
be bundled together in SD format to 
allow easy installation and will be inte- 
grated into the Common Desktop 
Environment (CDE) as appropriate. 
Each package will include additional 
documentation, produced by the 
FAST team, which will give users and 
administrators additional assistance 
in effectively utilizing the software at 
their sites. 

This is a major undertaking, to be 
sure, but the benefits to be gained in 
the long term are significant. For 
years one of the most frequently asked 
questions on the comp.sys.hp.hpux 
newsgroup has been, Where can I get 
an HP-UX version of | ? This 
question has been driven by users and 
system administrators alike, many of 
whom are using HP-UX for the 
first time. 


More and more HP-UX systems are 
finding their way into sites that had 
no UNIX systems or are primarily 
non-HP UNIX systems. And with the 
major upgrade from version 9.X to 
10.X, it has become very apparent to 
many long-time HP-UX users that 
there is a significant need for this soft- 
ware. This huge, unmet need we 
believe is an enormous opportunity 
not only for the various users groups 
but for HP as well. That is why HP is 
assisting us in this effort. 

The FAST project team has estab- 
lished a process and some standard 
specifications for doing this porting 
work. Since the 10.10 version of HP- 
UX now uses the SVR4 file system lay- 
out, the standard strongly encourages 
the porters to utilize this structure. 
Applications will be built to install in 
the /opt/<appname> directory, which 
provides a more manageable location 
for system admins. Each package will 
be compiled with HP’s C compiler in 
ANSI mode wherever possible. Porters 
can also attempt a build using GNU 
C, but it is not required. The result- 
ing binary packages may not use tran- 
sition links and will be packaged in 
Software Distributor format for ease of 
installation and network distribution. 

Because of the huge volume of soft- 
ware that needs to be ported, the 
team has come up with categories or 
bundles. Each category contains the 
most popular packages so that the first 
release covers a large portion of what 
is needed. The current list includes: 


Software Development 
Mail/News 
Networking Tools 


é 


System Monitoring 


Word Processing 


Image Handling 

File Handling 
General-purpose Tools 
Alternate Un*x Tools 
System Administration 


Games 


One of the value-enhancing aspects 
of this porting activity involves the 
documentation process. Many of us 
have found that the existing docu- 
mentation is not very useful for real 
people. This lack of good documen- 
tation can be a significant hurdle to 
users and sys admins alike and may 
ultimately result in the user rejecting 
a useful package. To overcome this, 
the project team has hired technical 
writers to generate user-level docu- 
mentation. The writers will interact 
with the porters in an interview for- 
mat to get the basic factual informa- 
tion and then generate base-level 
docs. There will be some review and 
then final versions will be published in 
various forms, including HTML. 

As for when you might be able to 
get ahold of the fruits of this effort, 
our current schedule calls for avail- 
ability on July 1, 1997. This CD will 
be added to the HP Price List 
(Thanks to HP!) and the entire CD 
will be placed on the InterWorks, 
Interex, and HP-UX Porting Archive 
sites for download. We will also be 
looking at some special distributions 
for Interex On-Line (CSL) users dur- 
ing the year. 

As a member of the team who has 
been involved in porting software for 
years, I’m extremely enthusiastic 
about this effort and want to 
acknowledge the extraordinary effort 
that Greg Cagle, Dave Shaw, and 
Doug Siebert have given to get this 


: , yOu Caf 
¥Y easily convert dates 
Y fix invalid dates 


Y support many different date formats 
WY and much, much more! 
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Why not let Suprtool help you? 
Call |-888-ROBELLE Now! 


Unit 201 
15399-102A Ave. 
Surrey, B.C. 
Canada V3R 7KI 


Robelile 


CONSULTING LTD. 


Official Robelle Distributors 


Australia, New Zealand 61 2 9484 3979 
Central America 502 2 314786 
Czech, Slovak Republics. 420 2 723505 
France, Belgium 33 1 69 86 60 00 
Germany. 49 7621 689 190 


SUPRTOOL is a trademark of Robelle Consulting Ltd. 


Greece, Italy. 


Holland, Belgium 


exic 
Saudi Arabia, U.A.E. ........... 966 1.477 4555 


Toll free: | -888-762-3553 Ca etes: 
Phone: (604) 582-1700 
Fax: (604) 582-1799 oe 
E-mail: info@robelle.com 
Web: www.robelle.com 


46 8 G23 00 50 
31 13 5215655 Singapore 65 441 2688 
South Africa 

Switzerland, Austria 41 31 981 06 66 


30 1 777 0561 Scandinavia 
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project off and running. Please drop 
them a note of thanks and also send 
one to the other volunteer members 
of the team: 


m Ralph Dickman, Interex staff 

gm Debbie Lawson, InterWorks/Interex 
staff 

Greg Cagle, HP 

Jim Rice, HP 

Doug Siebert, University of lowa 
Dave Shaw, InterWorks Librarian 
Dave Eaton, Honeywell 

Pierre Mathieu, Geomatics Canada 
Heath Kehoe, Norand 

Paul Gerwitz, HP and Interex CSL 
Chairman 

Chip Richards, Honeywell 

Jeff Hildebrand 


Before I sign off, I'll mention that 
I’ve changed employers. I now work 


for Hewlett-Packard in the PSO, doing 
very much the same type of work I did 
at Kodak. You will find my new phone 
number and e-mail address below. 0 


Paul Gerwitz is chairman of the 
Contributed Software Library committee 
and a technical consultant at Hewlett- 
Packard. For 16 years, he was a technol- 
ogy specialist and analyst at Eastman 
Kodak in Rochester, New York. He can be 
reached at 610-408-6526 or via 
e-mail at gerwitz@interex. org. 
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Continued From Page 15 
OSF-certified Motif + Development, an 
industry-standard Linux distribution, all 
major European languages, and Japanese. 

Users can customize their desktops 
without sacrificing administrative con- 
trol over system configuration. It pro- 
vides a common method of installing 
and integrating applications in a dis- 
tributed multiuser environment. 

CDE Business Desktop is priced at $299. 

Contact Xi Graphics, phone: (303) 
298-7478, fax: (303) 298-1406, e-mail: 
info@xig.com, http://www.xig.com. 


Storage Management 
P2 Software, Inc. has announced its 


Cognos 
Axiant 4GL 
Version 2.0 


Client-Server 
Development © 
oe s has introduced — 
; rsion 2.0, a visu- 
al dee pment environment 
that leverages investments in = 
PowerHouse applications | 
while taking advantage of the 
a fiepae 3 tech- 


Tape Management System for UNIX 
(TMX/TX) Silo Module. The TMS/TX 
Solo Module uses StorageTek Automated 
Cartridge System Library Software and 
supports various UNIX platforms. 

ACSLS provides connectivity to 
StorageTek Nearline tape libraries, 
including PowderHorn 9310, WolfCreek 
9360, and TimberWolf 9710. 

The TMS/TX Silo Module provides 
tape management and interface con- 
trol for UNIX platforms attached to 
StorageTek Robotic Libraries. It gives 
the same functionality, control, and 
managed environment for UNIX sys- 
tems in a data center as exists for the 


ACCESS Stateneat 
SORTED ON Staterwat_sia 
REPORT & 


TAR 1 statenent_detail . statonent.. Sid OF adquery $ 
« HEADING “Statenent’Sia” P eieten 
arnt Aten, ne "OF soquery 


that aioe developers to domnlood: a ne portion. a 
ance tool to identify whether there are ‘Year 2000 date 


applications. 


Axiant 4GL - features « 2 GUL for increased « ease. of 


: 2 } an nee can ‘affect! an ees 
Axiant 4GL starts at $4, 500 D per developer Power 
. at $15, 000 per license. 2 
~ Contact ee phone: (617) 229-6600, hu / / /soe ogn 
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mainframe counterparts. 

TMS/TX can manage any number of 
UNIX hosts connected to tape devices in 
the silo. The product supports and pro- 
vides extensive validation for IBM or 
ANSI labels. Additionally, tape catalogue 
records from mainframe tape manage- 
ment can be imported into the TMS/TX 
tape catalogue, for permanent or tem- 
porary control. 

Contact P? Software, phone: (214) 
340-1833, fax: (214) 349-3765, e-mail: 
jstafford@p2soft.com, http://www. 
p2soft.com. 


New from Onion Peel Software 


RoboMap V2 

Onion Peel Software has announced 
a complete redesign of RoboMap for 
OpenView. Integration with new 
OpenView 4.1 APIs combines original 
features in RoboMap V2 with higher 
throughput while OpenView is running. 

RoboMap now moves OpenView 4.1 
submap contexts between maps or 
between OpenView computers running 
OpenView 4.1. It can hide objects in 
the target map that were hidden in the 
source map. It can also “unmanage” 
objects in the target map that were 
unmanaged in the source map. It can 
hide objects in the target map that did 
not exist in the source map and delete 
objects in the target map that were not 
in the source map. It can rebuild exe- 
cutable icons without using the action- 
map mapping file. In addition, 
RoboMap has a directory browser for 
backing up and restoring image files, 
expanding and collapsing directories, 
and progress meters showing the per- 
centage completed for symbols and 
submaps. RoboMap also automatically 
compresses and uncompresses image 


files to reduce disk space needed. UNIX 
compress and GNU gz files are both 
supported. 


Remote Access for HP OpenView 

Onion Peel Software has announced 
its Remote OpenView Environment 
(ROVE) for HP OpenView, which allows 
remote access to OpenView informa- 
tion from PCs, terminals, and palmtops 
by sharing a single OpenView map. 

ROVE enables network trou- 
bleshooters to gain access to OpenView 
information without being at an X- 
terminal in the office. ROVE deploys a 
streamlined character interface that 
runs on slow dial-up lines from inex- 
pensive terminals and is designed to pro- 
vide all of the significant monitoring 
capabilities of OpenView to adminis- 
trators, technicians, and occasional users 
without the need for expensive LANs 
and X-terminals. 

The product reduces the memory 
and processor bottlenecks of HP’s cur- 
rent X-windows implementation. The 
two versions—ROVE v100 and ROVE 
Motif (which can be mixed) allow real- 
time status, local customized menus, 
event log access, and full map naviga- 
tion. Up to 32 clients can be supported 
simultaneously, with each client requir- 
ing less than 5 MB of memory. 

ROVE is supported on HP-UX 9.x 
and 10.x. 

Contact Onion Peel Software, phone: 
(919) 571-7910, fax: (919) 571-8338, e-mail: 
sales@ops.com, http://www.ops.com/. 


Motif Graphing Widget 

KL Group, Inc. has announced 
Release 3.0 of XRT/graph, charting 
widget for UNIX and OpenVMS user- 
interface developers. 

Version 3.0 includes new graph types, 


Make Performance Tuning 
Easy With SarCheck 


SarCheck is the answer to your performance tuning problems. 
Regular use lets you know exactly what’s happening with your system 
resources and helps you maintain control of them. 


Understand what’s Happening 
SarCheck helps you make sense out of sar data 
by translating pages of confusing output into a 
concise, easy-to-read report - complete with 
tuning and upgrade recommendations. 


Maintain Full Control 

Regular use of SarCheck keeps you in control 
of your system resources and lets you make intel- 
ligent, informed decisions about them. 


Plan for Future Growth 
SarCheck’s Built-in capacity planning features 
allow you to plan for growth - before slow-downs 
or problems occur. 

am ‘@] HEWLETT® 


| PACKARD 
SOFTWARE INC. Channel Partner 


PO Box 1033, Plaistow, NH 03865 
(603) 382-4200 Fax (603) 382-4247  http://www.sarcheck.com 
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in| =-HP/APOLLO® 
Sun Microsystems” 
WORKSTATIONS 


HM Quality depot repairs at substantially reduced cost 


On-Site Maintenance Systems/Spare Part Sales 
for Technical Assistance 
HP/Apollo-Sun Mircrosystems | Buy @ Sell M Repair MM Service 
Savings up to 50% Satisfaction Guaranteed 


CALL US TODAY AT 


AMC COMPUTER SERVICES, INC. 
146-B Rangeway Rd., P.O. Box 286 
N. Billerica, MA 01862 
508-670-9395 Hl FAX 508-670-9327 
1-800-878-2627 
E-MAIL: AMC @TIAC.NET 
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NIT UniShield 3.0 


property pages, enhanced barcodes, 
enhanced axis labels, CDE compliance, 
Motif 2.0 support, and online .PDF doc- 
umentation. 

XRT/graph 3.0 is also available as 
part of KL Group’s XRT Professional 
Developer’s Suite, which includes 
XRT/graph, XRT/table, XRT/3d, 
XRT/field, and XRT/gear. 

XRT/graph 3.0 is priced at $1,995 in 
North America and at $2,400 interna- 
tionally. 

Contact KL Group, phone: (800) 
663-4723 or (416) 594-1026, fax: (416) 
594-1919, e-mail: info@klg.com. 


Web Development 

Prolifics has announced Prolifics 2, 
which introduces Web-based report 
writing, client-side processing, native 
browser extensions, and intuitive end-user 
interfaces for the untrained browser user. 

Prolifics’ ability to perform run-time 
load balancing assures optimal perfor- 
mance when transaction volume peaks. 


It also enables customers to initially 
deploy 2-tier, departmental, and work- 
group applications with a smooth migra- 
tion path to a multitier architecture that 
can support a larger number of users 
and more complex requirements. 

The product provides rapid report 
generation, which is automatically gen- 
erated as HTML and can be invoked 
interactively or in batch mode. It extends 
support for automatically generated 
JavaScript. 

Prolifics’ two-tier tool, JAM/WEB, is 
priced at $5,150. Its three-tier tools are 
priced at $35,000. 

Contact Prolifics, phone: (888) 955- 
7666 or (212) 267-7722, fax: (212) 608- 
6753, http://www.prolifics.com. 


Cross-Platform Development 
TakeFive Software, Inc. has an- 

nounced a new integration module from 

VERILOG for SNiFF+. The module, 


VERILOG’s ObjectPartner, is a CASE tool 
based on OMT analysis and design 


methods. ObjectPartner generates C++ 
code, which is seamlessly loaded into the 
SNIFF+ development environment. 

The integration of SNiFF+ and 
ObjectPartner provides streamlined 
tools for any task in the software life cycle 
within one single environment. 
Developers can freely mix and match 
hardware platforms, compilers, debug- 
gers, editors, third-party tools, and pro- 
gramming languages. 

Its Fuzzy-Parser technology makes 
SNiFF+ powerful and fast. SNiFF+ and 
all integrated tools feature an intuitive 
and easy-to-learn GUI. SNiFF+ simpli- 
fies development and management of 
projects with languages like C, C++, Java, 
FORTRAN, and IDL. Powerful brows- 
ing tools make it easy to sort through 
hundreds of source files. For the test- 
ing phase, ObjectPartner automatical- 
ly takes the project structure issued by 
SNiFF+ to compute online test cover- 
age measurement and to define test 
strategies. 


Losing Track’? 


If you’ve lost track of what I.T. assets you 
have and where they are - you need Asset 
MINDER PRO. Asset MINDER PRO tells 

you what you have, where it is and when it 
needs maintenance. 


Contact TakeFive Software, phone: 
(408) 777-1440, fax: (408) 777-1444, e- 
mail: info@takefive.com, http://www.take- 
five.com/. 


Bar-Coding lets you track physical loca- 
tions, changes and off-site loans quickly 
and easily. 


Object Request Broker for Java 
ObjectSpace, Inc. has released a pub- Keep track of versions, models, serial 
numbers and configurations and use 
Internet buttons to instantly connect to 


important web-sites or e-mail addresses. 


lic beta version of Voyager, said to be 


the first agent-enhanced object request 
broker (ORB) for Java. Developers 
building traditional distributed systems 


For a limited time: 


| $299 standalone version 
find Voyager much more advanced and Jt © amermne 1 $149 per additional user 


easier to use than platforms such as RMI includes one free upgrade! 
and CORBA, the company notes. 


Voyager supports object mobility and | 1-888-| aa agewa re : 


mobile autonomous agents for building PC IMAGEWARE ‘ ; : 
ehinichm email: pci_info@pci-corp.com web: http://www.pci- 


corp.com 


fiz&3 Asset MINDER > 


<2 


# 


agent-enhanced systems. 


Voyager is designed to be used for 
systems development on general pur- CIRCLE 57 ON READER SERVICE CARD 
pose platforms as well as embedded 
applications. Its small size and flexible 


design allow it to easily be integrated Hewlett- 
Packard 
into consumer electronic devices and 9000 


used with a wide variety of communica- 


It’s Our Specialty 


tions protocols. 200/300 Series 400Series 700Series 800 Series 


Voyager is now available for free 216/236/217 425e 705/710 E/F/G 
. 310/320/330 425t 715/720 H/I/K 
download at http://www.object- 350/360/370 425s 730/750 
space.com. The production version of Ab Oh ca 4338 PE 
Voyager will be available in the third We also carry memory and interface for all of our workstations 
quarter of 1997. In the future, Printers Mass Storage Plotters 
: F ee 2225A/B/C/D 9121/9122 DesignJets 
ObjectSpace will offer significant add- 3630A PaintJet 9153A/B/C DraftPro 
i508 ; C1602A PaintJet XL C2254HA DraftMaster 
on capabilities, a complete suite of sup- LaserJet II/ID/IIP C2440HA/JA Desktops 
port services, and a comprehensive aserdet vue C3232A Electrostatic 
: aserJet IIIPIIIsi 
developer support program. As with LaserJet 4L/4P/4,/4+/4SI/4V/4MV - C2213A/D 
i i DAT Drives 
the beta VatSHO Ty: the production Sueclais CD ROMs 
Voyager platform will be free for most DesignJet 650C Plotter Optical Drives 
commercial uses: Source code licens- We offer large discounts, [OEE 
es are also available. outstanding service 
‘ and immediate delivery. Partner 
Contact ObjectSpace, phone: (972) TED DASHER & ASSOCIATES 
934-2496, fax: (972) 663-9099, http:// see 
www.objectspace.com. E-mail: sales @dasher.com 


Web Conferencing 
O'Reilly & Associates has announced 
Building Your Own Web Conferences, which 
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offers a Web application for creating 


real-time, Web-based discussion groups. 
The book/CD package includes 
O’Reilly’s WebBoard 2.0 Web confer- 
encing software for Windows 95 and NT. 

With WebBoard 2.0, any Web site 
can host live, real-time threaded chat 
discussions on multiple topics with 
unlimited participants. The confer- 
ence administrator can display ads or 
messages in chat rooms. The software 
can be used with WebBoard’s own 
multithreaded internal Web server or 
with a Windows CGI- or ISAPI-com- 
pliant Web server. 

The version of WebBoard 2.0 in the 
Building Your Own Web Conferences 
book/CD supports two virtual boards 
with 10 conferences per board and 
retails for $59.95. WebBoard 2.0 XL, an 
extended-license version of WebBoard, 
lets Web administrators create up to 255 
virtual boards, with an unlimited num- 
ber of conferences in each virtual board. 
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Building Your Own Web Conferences (ISBN: 
1-56592-279-4) and the WebBoard 2.0 
XL license are available as a package 
(the WebBoard Power Pack) directly 
from O'Reilly & Associates for $399. 
Contact O’Reilly & Associates, phone: 
(800) 998-9938 or (707) 829-0515, fax: 
(707) 829-0104, e-mail: info@ora.com. 


Math Solutions 

Solveware, Inc. has developed 
MATHANSR, a program to make math 
solutions easy for the expert as well as 
the novice. In solving right triangles, for 
instance, only two numbers are needed 
to obtain all the dimensions for a right 
triangle. There are separate solutions 
for each of many math problems 
encountered in the real world. The solu- 
tions are displayed with graphics as well 
as tables. 

MATHANSR was developed to fill a 
need for obtaining accurate answers, 
quickly, on the shop floor of a mold 


making business. It is a 


V-Systems spreadsheet program that 
_ VSI-FAX runs on Microsoft’s Excel. 
Gold Series 


The user can only enter 
numbers in the “unlocked 
cells,” making the program 
very forgiving. By using 
some of the features of 
Excel, any answer can be 
obtained for any dimension 
on the graphically displayed 
figures. Colors are used 
extensively to aid in com- 
munication. 

Contact Solveware, Inc., 
phone (561) 575-4502, fax: 
(561) 575-9841, http://www. 
solveware.com/. 


Java-Based Data Analysis 
Visual Numerics, Inc. has 
announced JWAVE 1.0, which enables 
PV-WAVE users to create visual and 
numerical data analysis client applica- 
tions written in Java. These Java appli- 
cations communicate with a PV-WAVE 
server, which acts as a graphics and 
numerics engine for the client. 

JWAVE provides Java classes for plot- 
ting data and supports the full range of 
PV-WAVE capabilities. At the same time, 
it bars access to critical data. 

JWAVE consists of a set of Java com- 
ponents (classes) based on Netscape 
Internet Foundation Classes (IFC). 
Application developers can create Java 
programs that perform complex numer- 
ical analyses and generate 2-D plots, sur- 
faces, contours, animations, and other 
graphical data representations. JWAVE 
supports real-time collaboration and 
provides necessary encryption features. 

A free evaluation copy of JWAVE can 
be downloaded from Visual Numerics’ 
Web sit at http://www.vni.com. Its start- 


Make the UNIX to MPE Connection 


IX/92- 


Full featured HP terminal emulation 


ing cost is $3,395. 
Contact Visual Numerics, Inc., : 
phone: (800) 364-8880 or (303) 530- N ew! Ve rsion 6 
9000, fax: (303) 530-9329, e-mail: mar- 
garet@boulder.vni.com. 
@ 
Project Management Faster File Transfer 
Micro Planning International (MPI) ¥ 
has announced MICRO PLANNER X- NS/VT Network Option 
Pert - Version 2.4.2, and MICRO PLAN- En hanced Script Language 
NER Manager - Version 1.4.2. The latest 
releases offer added features and Available for: 
enhancements, including an automat. HP-UX _ Interactive UNIX SCOUNIX SunOS/Solaris 
ic update feature, “Year 2000” compli- 
ance, and increased speed. Software Licensing Corp., Suite 280, 930 Tahoe Blvd. Unit #802 
MICRO PLANNER can be used inde- Incline Village, NV 89451-9436 . 


Phone: (800) 831-0882 or (702) 832-0881 Fax: (702) 832-0883 


pendently or can be combined to pro- All trademarks are the property of their respective holders. 


vide a total enterprise-wide solution. 
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the project level, while X-Pert is designed z 
for use at higher levels in the organiza- Lar Ze Da tabases Requ ire ao a 
tion for consolidating and managing . cag 
many projects or subprojects. New Solutions for Backup !!! Ly 


MICRO PLANNER also accommo- ls 
dates multiple platforms by offering Backup 4 to 8 Gigabytes/Hour/Drive 
complete “file open” compatibility FINALLY! Store 20 to 40 Gigabytes/Tape 
between Macintosh, UNIX, and Random Libraries from 5 to 264 Cartridges 


Windows versions. MICRO PLANNER 
X-Pert is priced at $1,995. MICRO 
PLANNER Manager is priced at $695. 
Contact MPI, phone: (800) 852- 
PLAN or (303) 757-2216, fax: (303) 757- De 
2047, Ba 


: Restore and : 
~ Softwar Heterogeneo 


Mainframe-Class Storage 

Zitel Corporation has announced 9- 
GB drives in its CASD-II/Enterprise stor- 
age solution. CASD-II/Enterprise features 


“ntelligence-based” caching technology, 
mainframe-class design, and modular | Dallastone also sells and supports all major brands — 


architecture to deliver performance, scal- Quantum, Breece Hill, ADIC and Odetics 

ability, reliability, availability, and service- DALLASTONE Phone 603-647-8168 
ability. The CASD-II/Enterprise entry-level . 2 Cote Lane Fax 603-624-2466 
storage module system includes 36 GB of Bedford, NH 03110 Email dtool@delphi.com 
disk, 64 MB (scalable to 512 MB) of ECC 
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protected cache, Dual Port/Dual Path 
SCSI interface, redundant power system, 
and a combination battery charger/ 
power supply and rechargeable battery. 
The N+1 “Plus” power system protects the 
data in cache memory (non-volatile RAM 
or NVRAM) by safely destaging the data 
to disk in the event of a power failure. 
Additionally, each time another storage 
module is added to a configuration, 


capacity, performance, and connectivity 
are scaled linearly. 

Contact Zitel, phone: (510) 440-9600 
or (800) 622-5020, fax: (510) 440-9666, 
http://www.zitel.com. 
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Order Fulfillment Solution 

Industri-Matermatik International 
Corporation (IMI) has announced 
Version 5 of its System ESS demand 
chain management solution. System ESS 
helps companies maintain timely and 
accurate information flows across glob- 
al order fulfillment planning and exe- 
cution processes. 

Version 5 features an object-orient- 
ed, standards-based architecture that 
enables users to tailor System ESS. It 
also provides a “plug-and-play” envi- 
ronment, enhanced integration with 


other solutions (Oracle, Manugistics, 
and Metasys), and support for Java-based 
development. 

A new service management compo- 
nent addresses the needs of vertical 
markets, such as wholesale/retail. Re- 
designed electronic commerce compo- 
nents make it easier to conduct business 
using EDI and Internet messaging. The 
Business Engineering Workbench doc- 
uments changes to System ESS and pro- 
vides a graphical online help facility. 

Pricing is based on customer config- 
uration and typically starts $600,000. 
System ESS runs on HP-UX and other 
platforms. 

Contact IMI, phone: (914) 631-2700, 
fax: (914) 631-5111, http://www.im.se. 


AWK Programming Guide 

Specialized Systems Consultants, Inc. 
(SSC) has announced Effective AWK 
Programming, Second Edition by Arnold 
Robbins, a user’s guide for AWK and its 
GNU implementation, gawk. Informa- 
tion is presented in a tutorial format 
with practical tips and examples pre- 
sented in a clear and concise manner. 
The appendices include a complete lan- 
guage summary, installation informa- 
tion, and a glossary. This edition adds 
updates for GNU gawk version 3.0.3 and 
is bound with SSC’s AWK Reference card, 
also by Robbins. 

AWK, a reporting language based on 
the concepts of the UNIX tools grep and 
sed, is a sophisticated language that 
includes user-defined functions and 
dynamic regular expressions. AWK is 
defined in the POSIX Command 
Language and utilities standard and is 
available for many platforms, including 
MS-DOS, VMS, and most UNIX platforms. 

Effective AWK Programming is priced 
at $27. 


Contact Specialized Systems Con- 
sultants, Inc., phone: (206) 782-7733, fax: 
(206) 782-7191, e-mail: sales@ssc.com, 
http://www.ssc.com/. 


Ultra SCSI Interconnection 

ATTO Technology announced SCSI 
Sidekick, an Ultra SCSI operating sys- 
tem independent device that combines 
the benefits of a SCSI signal convert- 
er, bus extender, and bus isolator into 
one unit. 

The SCSI Sidekick converts the SCSI 
signal, enabling a single host adapter to 
communicate with a combination of sin- 
gle-ended and differential SCSI devices 
on the same SCSI bus with no perfor- 
mance degradation. Integrators can now 
interface the noise reduction and 
extended cabling advantages of popu- 
lar differential SCSI devices with the vast 
base of low cost, single-ended products 
without the need for system reconfigu- 
ration. A bus isolation switch allows 
workgroup members to disconnect the 
device from the host without shutting 
down the entire system. 

SCSI Sidekick’s operation is trans- 
parent and does not occupy a SCSI ID. 
In addition, the unit provides Upper- 
Byte Termination, which allows com- 
munication with both narrow (8-bit) and 
wide (16-bit) devices on the same bus. 

ATTO SCSI Sidekick is priced at $295. 

Contact ATTO Technology, Inc., 
phone: (716) 691-1999, fax: (716) 691- 
9353, e-mail: mkt@attotech.com, http:// 
www.attotech.com. 


Print Spooler 
LBM Systems has announced a Java 
Network Client for UniQue Print, LBM’s 
mainframe-caliber print spooler for UNIX. 
In many network environments, a 
single UNIX machine functions as a print 


ALPHANUMERIC PAGING 


ROBUST, RELIABLE, 
USER-FRIENDLY DELIVERY 
OF MESSAGES ANYTIME, 
ANYWHERE 


e Email forwarded to pager automatically 

e Pages can be generated from scripts 
and network monitoring programs 

e GUI and command line interface 

¢ Works with any paging service 

¢ Automatic email confirmation, history 
logs and error reporting 

© Client-server technology 

e Works with digital and alphanumeric 
pagers 


Personal Productivity Tools 
for the Unix Desktop 


14141 Miranda Rd 

Los Altos Hills, CA 94022 
Email: sales@ ppt.com 
Tel: (415) 917-7000 

Fax: (415) 917-7010 , 
http://www.ppt.com 
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Don’t Gamble with Your Data.. 
The Model 4/30 DLT Tape Library, offered 


Cover Your Assets! 
by Concorde Technologies, 
provides state-of-the-art automated backup and archiving to small- and 
medium-sized departments and workgroups. The 4/30 is easily scalable, 
featuring the lightest and most compact robotics ever designed, transports 
tapes faster and more 


efficiently than linear with state-of-the-art automated 
robotics systems, has 


backup and archiving 
transfer rates of up to 144 gigabytes 


per hour and has an average access time of less that 6 seconds. 


Concorde Technologies offers a selection of tape systems that provide the 
fastest access time in the industry. These tape-base systems, of which the 
4/30 is the newest and smallest, give users access to large data files and 

quick retrieval times through industry-leading robotic designs. 


CONCORDE 


Concorde Technologies is a leading 
provider of optimized storage solutions TECHNOLOGIES 
for Open System users. The company's 

products and services are used to store, pein 20.09 
transport and secure more than 100 petabytes of information, ranging 
from mainframe data to client/server applications to video and still images. 


Concorde Technologies, an HP Channel Partner and a StorageTek Global Partner 
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new products 


server, which allows ease of administra- 
tion and trouble-shooting, centralized 
control of system resources, and simpli- 
fied printer administration. A Java man- 
ager program, PC/NT client printing 
software, and UNIX client programs pro- 
vide complete access to and control over 
all printing functions through UniQue 
Print without having to log on to the 
UNIX print server. A single GUI refer- 
ence screen with color-coded status dis- 
plays allows printing output to be 
monitored at a glance. Without logging 
onto the server, remote users have the 
ability to start and stop jobs; print partial 
jobs; change print jobs according to form, 
class, group, number of copies, page 
range, and queue position; schedule 
printers by class and/or group; control 
paper and stock by on screen prompt; 
access any filter, forms overlay, fax gate- 
way, or virtual printer; and handle remote 
and local printers identically. 

Contact EBM Systems, phone: (203) 
966-0661, fax: (203) 966-8242, http:// 
www.l|bmsys.com. 


SCSI Connectivity 

APCON, Inc. has announced its 
newest SCSI Bus Extender, PowerLink. 
PowerLink extends the SCSI bus to 10 
km while supporting Ultra Wide SCSI 
performance at a maximum SCSI data 
rate of 40 megabytes per second. 

PowerLink provides real-time access 
to remote peripheral devices such as 
RAID arrays, tape libraries, optical juke- 
boxes, and CD-ROM towers that are 
located up to 10 km from the host com- 
puter. PowerLink supports low-cost coax 
for extensions up to 30 meters, high- 
performance coax to 200 meters, a mul- 
timode fiber optic interface for distances 
to 550 meters, or optionally, a single- 
mode optics interface to 10 km. 
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A GUI allows the system adminis- 
trator to remotely operate and control 
selection of extension interfaces, 
report SCSI bus activity, gather per- 
formance statistics, and initiate on- 
board diagnostics. 

The Powerlink external unit, Model 
ACI-2030 retails for $4,000 for the single 
ended version and $4,500 for differen- 
tial. Both versions are available off the 
shelf. Lower-cost board versions are also 
available for complete internal system 
integration. 

Contact APCON, phone: (503) 639- 
6700, fax: (503) 639-6740, e-mail: 
info@apcon.com. 


Decision Support Tool 

Leading Market Technologies, Inc. 
(LMT) has announced EXPO/ 
Econometrics, an add-on module to 
LMT’s EXPO analytics and decision sup- 
port platform. 

EXPO/Econometrics 
“point-and-click” access to a wide range 


provides 


of tests and estimation techniques; inte- 
gration with all major data distribution 
platforms and major market data 
sources, including OPEN BLOOM- 
BERG, Reuters, Bridge, FAME, and LIM; 
and important innovations in applied 
econometrics requested by LMT’s 
clients. 

The EXPO/Econometrics module 
provides a full set of econometric tests, 
transformation functions, correlations, 
and estimation techniques including 
ARCH, rolling regression, multivariate 
regression, seasonal adjustment with 
moving averages, post-regression resid- 
uals tests, and multicollinearity testing. 

The EXPO/Econometrics module is 
priced at $3,995 for Windows 95/NT 
and all major UNIX platforms, includ- 
ing HP-UX. 


Contact Leading Market Tech- 
nologies, phone: (617) 494-4747 ext. 
235, fax: (617) 494-4788, e-mail: sgal- 
la@world.std.com. 


Object-Relational Application 
Development 

Black & White Software announced 
D/Enable Version 2.0. DB/Enable is 
comprised of CORBA-based adapters 
that encapsulate relational databases as 
object-based servers, supporting the 
access and retrieval of arbitrary data 
structures. DB/Enable provides exten- 
sive graphical development tools to 
interactively create, modify, test, and 
generate code for Oracle, Sybase, and 
Informix applications. 

CORBA employs IOP as the basis 
for network communication among het- 
erogeneous components and uses a 
drag-and-drop metaphor for easily 
attaching database queries and respons- 
es to user interface components. Source 
code is automatically generated that uti- 
lized the DB/Enable convenience 
library. 

New features include a C++ inter- 
preter for testing code on the fly, three- 
tier architecture, the ability to 
encapsulate relational database queries 
into reusable objects, and support for 
simultaneous connections to multiple 
dissimilar databases. 

DB/Enable 2.0 is available now as a 
beta release on Solaris-2 and HP-UX 
10.x. DB/Enable is priced at $3,000. 

Contact Black & White Software, 
phone: (408) 369-7400, fax: (408) 369- 
7406, e-mail: info@blackwhite.com. 


C++ Graphics Toolkit 

Interactive Network Technologies, 
Inc. (INT) has announced Version 1.1 
Carnac, its 2-D graphics toolkit. Two 


Software Developers Kits (SDKs) have 
been added to the toolkit, the Flavors 
SDK and Dynamic Scenes SDK. Carnac’s 
extensibility allows developers to tailor 
the product to their exact requirements. 
The Flavors SDK simplifies the pro- 
duction of user-defined primitives (com- 
plex shapes), while the Dynamic Scenes 
SDK assists with the production of the 
code for generating dynamic scenes on 
the fly. In addition, support for 1, 8, and 
24-bit rotatable, shareable, and scalable 
images with full transparency control 
has been added. Finally, CGM output 
has been added to the existing options, 
which already include support for a wide 
range of printers and PostScript format. 
Carnac is available for Windows 95, 
Windows NT, and most common 
UNIX/X Window implementations. 
Contact INT, phone: (713) 975-7434, 
fax: (713) 975-1120, e-mail: info@int.com, 
http://www.int.com. i) 


Attention vendors: New product announce- 
ments should be sent to New Products Editor, 
hp-ux/usr magazine, Interex, PO. Box 
3439, Sunnyvale, California 94088-3439, 
USA, or e-mail: pollace@interex. org. 

Deadline for submission is two months 
pmor to publication. 


Do You Know Where Your Security Holes Are? 
Find Them with SecurityAudit/UX! 


Have You Heard that UNIX is Notorious for Its Lack of Security Features? 
Do You Know Where to Check fo See if Your HP-UX System is Secure? 
Do You Have the Time to Do This Checking Regularly? 

Use SecurityAudit/UX To Do It All! 


EVEN IF YOUR SYSTEM IS SET UP CORRECTLY (AND HOW WOULD YOU KNOW IF IT WAS?) AND HAS NO SECURITY LOOPHOLES, IT CAN 
BE VERY DIFFICULT TO MONITOR SYSTEM CHANGES, AND TO ENSURE THAT SECURITY ISN’T COMPROMISED. THE MAGNITUDE OF THE 
PROBLEM INCREASES AS THE TOTAL NUMBER OF USERS CONFIGURED AND THE TOTAL NUMBER OF FILES GROWS. IT’S EASY FOR 
ORDINARY USERS TO CHANGE THE SECURITY OF THEIR OWN FILES TO ALLOW OTHERS TO ACCESS THE CONTENTS. A LOOPHOLE LEFT 
BEHIND INADVERTENTLY OR ON PURPOSE MAY BE EXPLOITED BY A DISGRUNTLED EMPLOYEE OR A HACKER TO BREAK SYSTEM 
SECURITY, SOMETIMES MUCH LATER. 


SecurityAudit/UX PRODUCES OVER 40 REPORTS, CONTAINING DETAILED INFORMATION ON THE FOLLOWING CLASSES OF 
PROBLEMS: 
User and Group-related problems, including weak passwords and non-unique identification numbers. 
File-system related problems, including historical tracking of files and detection of potential Trojan horses. 
PDF-related security problems, extended to detect changes in ACL specifications. 
Logging subsystems status display, and logfile analysis. 
Network-related status display and configuration weaknesses. 


SecurityAudit/UX RUNS ON ALL HP-UX BASED 9000 SERIES 700 AND 800 SYSTEMS, AND HAS BEEN SPECIFICALLY TAILORED TO 
ADDRESS PECULIARITIES OF HP-UX, SUCH AS PDF, ACL AND HP’S SHADOW PASSWORDS. 


Call EUGENE VOLOKH for more info! 


VESOFT 


Purveyors of Fine HP Software 
Since 1980 


(310) 282-0420 


1135 S. Beverly Drive 
Los Angeles, CA 90035 U.S.A. 


FAX (310) 785-9566 
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we “Computer Express est. 1983 
i ... The Fast Track to Success 


HP3000 Professionals 


Immediate openings in New England, Florida, Kentucky and Texas 


Established in 1983, Computer Express is a nationally known L.T. consulting firm based in Boston 
(Wakefield, MA). We have immediate openings for skilled HP3000 professionals with experience in: 


eCOBOL 

¢ POWERHOUSE 

°e ASK 

¢ SPEEDWARE /PROTOS 


If you are experienced in any of the above areas, we can offer competitive wages, Section 125 
Medical/Dental, 401(k), Tuition Reimbursement, Vacation/Sick time, and more! Contact our Recruiting 
Department for more details. 


L 


Computer Express, Inc. 

301 North Ave., P.O. Box 308, Wakefield, MA 01880 
Voice: 617-246-4477, Fax: 617-246-1434 
E-Mail: jobs@ComputerExpress.Com 
Web: http://www.ComputerExpress.Com 


| 
_ 


tember NACCB 
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Sign up NOW for Spring 1998 Listings 


hp-ux/resource directory 


The hp-ux/resource directory is a complete resource guide for HP-UX users seeking answers. This is one of the 
industry's most extensive reference guides for HP-UX products, services, and vendors. It will be devoted entirely to 
HP 9000 users operating in multi-user, workstation, and multi-system UNIX environments. This bi-annual directory, 
published each year in March and September, is a separate publication mailed out with hp-ux/usr magazine, the only 
HP-specific publication on the market. 

Added BONUS: your message will reach your customers for one full year on the Internet. Look for the directory on the 
Interex home page http://www.interex.org. The investment for a full year listing in the hp-ux/resource directory is $475. 


Propuct CATEGORIES 


Accounting 

Accounting/Financial 

Accounting Software 
Alphanumeric Paging Software 
Application Development Software 
Application Development Tools 
Application Development Tools/4GL 
Application Engineering 
Automated Software Quality 
Backup Hardware 

Backup/ Restore 

Backup Software 

Bar Code Data Collection Systems 
Batch Job Management 

Books 


Business-Critical Application Development & 


Deployment 
Business Software 
CD-R 
CAD Software / Hardware 
Change Management for Software 

Development 
Change Management Tools 
CheckPointRestart Facility 
Client-Server 
Client-Server Software 
Communications 
Communications Servers 
Communications Software 
Consulting 
Consulting/Systems Integration 
Customer Support 
Customer Support/Help Desk Systems 
Database Management Systems 
Database Management Tools 
Data Center Management 
Data Migration Tool 
Data Warehousing 
Decision Support Systems 
Disaster Recovery 
Distributed Computing 
Distribution Software 
Distributor 
Document Management 
Editors 
Electronic Data Interchange (edi) 
Electronic Form Printing 
E-Mail & Directory Integration 
End-User Access Tools 
End-User Computing 
Equipment 
Facility Maintenance Software 
Executive Information Systems 
Fault Management 


Fax Automation 

Fax Software 

File Manager Utlity 

Financial 

Fourth Generation Language 

GIS (Geographic Information System) 
Government & Utility Software 
Graphics 

Groupware 

Hardware 

Hardware/Mass Storage 

Help Desk Management 

Hardware Subsystems 

Hierarchical Storage Management 
Human Resources & Personnel Systems 
Image Processing 

Image Storage & Retrieval Management 
Industrial Terminals 

Instrument Control 

Integration Tools 

Interface 

Internet 

Internet Commerce 
Internet/Intranet 

Internet Services 

Internet Solutions 

Inventory Control 

I/O Boards 


Job Scheduling & Workload Management 


Justice Software 

Laser Printing Software 
Maintenance 
Manufacturing Software 
Mass Storage 

Mass Storage Peripherals 
Math Library 

Memory 

Memory Upgrades 
Middleware 

Migration Services 
Migration Services/Tools 
Migration Tools 
Millennium Solutions 
Multimedia 

Network Backup Software 
Networking 

Networking Systems 
Network Management 
Output Management 
Payroll 

PC Card Reader 

PC Integration 
Performance 
Performance Software 


Personnel Management 
Pointing Devices 

Personnel Services 

Power Protection & Conditioning 
Printers 

Print Management 

Print Management Software 
Process Control Software 
Production Planning 

Project Management 

Protocol Converters /Interfaces—Hardware 
Publications 

Public Safety Software 

Quality Assurance Tools 

RAID 

RAID Disk Arrays 

RAID Storage 

Records Management 

Remote Networking 

Rentals 

Report Viewing, Printing, & Distribution 
Report Writers 

Sales & Marketing 

Scheduling 

Scheduling/Task Management 
Security 

Service Repairs 

Software 

Software Backup 

Software Development Tools 
Software Distribution Tools 
Software Maintenance & Testing 
Spoolers 

Spreadsheets 

Statistics/Data Analysis 

System Integration 

System Management 

System Management Tools 
System Printers 

3-D Graphics Tool Kit 

3-D Porting Tool 

Tape Backup Products 

Tape Storage/Data Interchange 


Technical Documentation/Cross Referencing 


Terminal Emulation 

Text & Information Retrieval 

Time & Billing 

Time Reporting Terminals 
Training 

User Groups 

Video/ Keyboard/Mouse Extension 
Warehouse & Distribution Management 
Workstations 


Other categories may be created as needed. 


ea 
Coe 
Sd 
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Spring 1998 Listing Form 


FIRST EACH 
LISTING ADDITIONAL LISTING TOTAL 
|] Listing (includes two issues) $475 $375 $ 
Hyperlink to your home page $500 $150 $ 
$1.00 Per Word Over 75 Words $ 
Company Product Logo or Photo $100 $ 50 $ 
Cross Reference $200 $200 $ 
Total $ 
Closing Date: Friday, December 12, 1997 
1, 
Category Product Name 
Operating Environment 
2. 
Category Product Name 
Operating Environment 
3. 
Category Product Name 
Operating Environment 
4. 
Category Product Name 
Operating Environment 


Product Description 
Please attach product description. Be sure to indicate product name and operating environment above. 
Note: There is a $1.00 per word charge for each listing over 75 words. 


Company Name 


Address 

City State Zip 
Telephone Fax 

Web URL E-mail: 

Authorization: 

Signature Print Name 

Title Date 


INTER-OFFICE USE ONLY: Please mail or fax completed form and listings to: 
Interex, 1192 Borregas Avenue, Sunnyvale, CA 94088, U.S.A., Attention: Kathie Schwartz, 


REESE: TRCHENA eae ISMN GE een lar eaegONy 800.468.3739, ext. 620, 408.747.4620, Fax 408.747.0947, E-mail: schwartz@interex.org. 


LOGO: PHOTO: LINK: 


RE-NEW LISTING: (new to category and/or directory) PAYMENT OR PURCHASE ORDER MUST ACCOMPANY ALL ORDERS 


COPY: New __| Changes Pickup 
LOGO: L] New Pickup J] None 


PHOTO: |] New __] Pickup None 
LINK: 


REPLACE LISTING: (existing copy in hprd, in same category) 
; COPY: [] New Changes Pickup 
LOGO: | New Pickup None 
PHOTO: New Pickup None 
LINK: . 


interex 


Shared Success for 
HP Computing 
Professionals 


Interex, the International Association of Hewlett- 
Packard Computing Professionals, can turn you 
into a hot shot HP computer user. By joining 
Interex now, you'll not only receive all the 
traditional value of Interex membership, you'll 
also receive exciting, new member benefits! 
Your new member benefits will include sig- 
nificant discounts on both technical publications, 
technical training, and special advisory services. 


Member Benefits: 


$200 OFF registration for HP World Conference & Expo 


Membership in 


rates (i app! icable) 


Hot News weekly e-mail newsletter 


1 Free subscription to hp- -uxfust. magazine (ar 9000 focus) 


1 Free subscription ey Interact magazine (uP 3000 focus)* 


Download Interex publications 
with keyword search capabilities 


Free bi- annual i issues ; of hp-ux/re esoure ce dire ectory y 2 


(HP 9000 focus)* 


Free bi-annual issues of Vendor Service Source i iti—~S 
__ Directory (HP 3000 focus)* 


» 20% Discount on all Prentice-Hall and O'Reilly 
technical publications 


1 Free subscription to InterexPress (HP, industry and ~ 
Interex news magazine 


M, Up to 15% Technical education discounts on NI,UNIX, Oracle, | 3=—Sti<i‘(O;:;*~™*” 
Internet, Java, etc. through ClassPass, Datatech Institute, and Abtech 


Vote i in Interex Board elections 


Annual Advocacy Survey participation oo 


System Improvement Ballot participation 


Access Special Interest Groups (SIGs) 


Library (HP-UX, MPE, RTE) of over 4,800 programs 


~ Contributed Software Library release 
(HP-UX, MPE, RTE) in the format of your choice 


BECOME A 
HOT SHOT 
HP COMPUTER USER. 


The technical publication discount gives you a 
20% discount on all Prentice Hall and O'Reilly 
publications. Similarly, the new technical educa- 
tion discount of up to 15% gives members a 
chance to get the training they need to tackle 
today’s critical computing issues. And through 
Gartner Group services, you can gain special 
industry-focused analysis at 20% off. 


20% Discount on Gartner Group Premium research and analysis 


GET EXCITING 


NEW MEMBER 
BENEFITS! 


Get valuable computing 
solutions throughout the year! 
It's easy! Just choose the membership 

level (see below) that best suits your needs 
and either call an Interex Membership Rep 
at 1-800-INTEREX or. sign up via the Web 

at http://www. interex.org/mem.html 


oes Tepe—Mi mil Pane yon a arose trl COU .t—O ‘ 
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“Associate Level Membership is entitled to hp-ux/ust magazine OR Interact magazine and the hp-ux/resource directory OR the Vendor Service Source Directory. 


Members 


é 


SIGNATURE 


MONTH / DAY / YEAR 


NAME (LAST/FIRST/MIDDLE INITIAL) 


TITLE 


COMPANY 


ADDRESS 


“MAIL STOP 


CITY/TOWN 


STATE/PROVINCE ~~—*ZIP 


COUNTRY 


TELEPHONE/EXTENSION 


FAX 


E-MAIL ADDRESS 


Membership Level (please check one) 
LJ Associate Level with annual subscription to: 


L) Contributing Level 


® Annual budget 
What is your total external IS spending on 
hardware, software, networking, and contract 
services for the full current budget year? 


i For 
entire 
organization) 


m Systems 


Computer technologies you are involved 


with and/or you plan to purchase: 
(check all that apply) 


LJ) Contributing Level Plus Online Service 
Preferred CSL Format: (Choose one) ©) DAT 4mm 
Additional Software Selections (Choose one or both) 


(J 1600 BPI Magnetic Tape = ©) 6250 BPI Magnetic Tape 
Q) HP-UX 10.x FastStart Toolbox and/or ©) MPE Freeware Tape 


Member Activities (open to all levels of membership) 
| would like to join and/or participate in the following, please send more information about: 
L) Local User Group ) Presenting at a conference or local user group meeting 


(J) InterWorks Technical Users Forum of Interex 
(for HP-UX related system administration, 
network management and software development) 

} Special Interest Group(s) regarding: 


Payment Information 
L) Check enclosed for $ 


L) Bill me. Purchase Order enclosed. PO# 
L) visA 


LJ Charge my: 
Account# 


Signature 


LJ HP World 
L) InterWorks 


* 
, payable to Interex 


L) MasterCard 


J Writing an article for hp-ux/usr, Interact or InterexPress 
_} Interex Conference and educational events: 


LL) MPE Programmers’ Forum (IPROF) 
L) Regional Seminars 


L.) American Express 


| Exp. Date 


“Canada and Mexico, add $25. All other countries outside the U.S., add $50 for additional postage. 
Foreign currency is accepted, but payment must be the equivalent of U.S. currency. 


Demographics (cequirea) 


@ Your job function: 
(check up to three if applicable) 


Owner/President/CEO 

VP/Corporate Officer/CFO/Controller 
CIO/MIS Director 

Sales/Account Representative 

MIS Manager 

Operations/Data Center Manager 
Technical Manager 
Scientist/Researcher 

Electrical Engineer/Mechanical Engineer 
System Administrator 

Database Administrator 

Network Administrator/Manager 
Systems Analyst 

Software Developer/Programmer 
Operator 

Consultant/Educator 

Other 


Please Specify 


USR897 


@ Primary type of business: 


(check one) 

Manufacturing (computer hardware) 
Manufacturing (non-computer products) 
Systems Integrator/VAR 

Software Developer 
Finance/Banking/Insurance/Real Estate 
Retail/Wholesale/Distribution 
Utilities/Communication Services/ 
Transportation 

Government/Military 

Health Services 

Education 
Agriculture/Mining/Construction 

R & D /Testing/Evaluation Labs 

Other 


Please Specify 


Service Agreement 


If you relocate, should services transfer 
with you? 


Yes No 


™@ Purchases you influence, 
specify or recommend: 
(check all that apply) 


Computer/Workstation Systems 
(including Desktops, micros, minis, 
mainframes, etc.) 


drivers, modems, memory boards, 
graphic enhancements, etc.) 
Software (including application 
packages, RDBMS, graphic toolkits, 
communication software, compilers, 
languages, etc.) 

Networks (including LANs, WANs, 
terminal servers, etc.) 

Services (including on-line services, 
maintenance, education, training, etc.) 
None of the above 


@ Application Support 


Commercial 
Technical 
Both Commercial and Technical 


Peripherals (including printers, disk/tape 


_..Please specify: 
HP 3000 


Windows NT desktops _ 
Windows NT servers __ 


® Mailing List 
Would you like to receive mailings about other 
computer-related vendors’ products and services? 


Yes No 


How to Contact Interex: 


WWW Complete and submit an 
electronic application at 
http://www. interex.org/cgi/memapp/pl 


Fax Fax completed form (credit cards only) 
__ to: 1.408.747.0947 
Mail Mail completed form with payment 
(if applicable) to: Interex, PO. Box 3439, 
Sunnyvale, CA 94088-3439 


The primary application that you support is: 


QUESTIONS? | | 
Call 1.800.INTEREX or 1.408.747.0227 


| | ( 
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(800) 682-0200 


ave hp-ux/usr a july/august 1997 


(800) 961-7840 or (919) 387-0076 


Cut Superhuman tasks down to size. 


Michel Lotito of Grenoble, France was known as Monsieur Mangetout (“* Mr. Eat- 
Everything”). Among the delectables he consumed were chandeliers, TV sets and 
an entire Cessna light aircraft. Now there's an appetite for big challenges. Which 
also describes IBM’s DB2 for HP-UX. A great majority of the Fortune 500 already 
use DB2 to manage vast, complex databases. ‘Today, this scalable solution is ready to 
go to work in your HP-UX environment — to help keep data safe, secure and easily 
accessible. In combination with IBM’s Net.Data for HP-UX, DB2 can also help you deploy databases in dynamic Web 
applications. These are just two powerful and proven IBM solutions now available for HP-UX. Others include MQSeries, 
ADSM, Lotus Domino, Transaction Server and more. For further information — including opportunities for resellers — 


contact your HP distributor or visit the IBM Software for HP-UX Website at www.software.ibm.com/hp 
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IBM, MQSeries, DB2, Net.Data, ADSM (ADSTAR Distributed Storage Manager), and Transaction Server are registered trademarks of International Business Machines 
Corporation. Lotus Domino is a registered trademark of Lotus Corporation. All other company and/or product names are trademarks of their respective companies. 
©1997 IBM Corp. All rights reserved. Reprinted from the Guinness Book of Records, 1997©. Permission granted by Guinness Media Inc. 


Don't risk ruining your image. 

Choose KEA!,” the complete 
solution for integrating VAX” and 
UNIX® host 
PC applications. Feature-rich and 
user-friendly, KEA! lets you create transparent links 


information with 


between Microsoft® Windows® documents and 


host documents. 
CIRCLE 2 ON READER SERVICE CARD 


FEATWRES: 


* REA! 420 for DEC" 
VT420 emulation 


* KEA! 340 for DEC’ 
VT340 graphics and 
VT420 emulation 


> Supports DDE, OLE, 
HLLAPI, WinHLLAPI 
and Attachmate’s 
Enterprise Access 
Library for 
automation and 
integration 


* Fully customizable 
menus and SmartPads 


* Macro language with 
macro recorder 


* Multiple sessions 
New in Version 5.0: 


* One CD for Windows’, 
Windows 95 and 
Windows NT” 


- Configuration wizard 
- TrueType font 
* Configurable toolbar 


* Drivers for LK450 and 
Powerstation ’ keyboards 
in Windows 95 


Call 1-800-933-6751 


www.attachmate.com/ad/hpv.htm 
Source Code: 630.02 


Attachmate is a registered trademark and KEA! 
and Powerstation are trademarks of Attach- 
mate Corporation. Microsoft Windows and 
Windows NT are registered trademarks of 
Microsoft Corporation. DEC and VAX are 
registered trademarks of Digital Equipment 
Corporation. UNIX is a registered trademark 
in the United States and other countries, 
licensed exclusively through X/Open Com- 
pany, Ltd. TrueType is a trademark of Apple 
computer, Inc. All other trademarks or regis- 
tered trademarks are the property of their 
respective owners. 


=Attachmate. 


